From 6d90c3e691fb1b47292900757541ee883b011951 Mon Sep 17 00:00:00 2001
From: Kafeine <Kafeine@users.noreply.github.com>
Date: Thu, 11 May 2017 11:30:50 +0100
Subject: [PATCH] +Bingo -- Hunter > Retired

---
 clusters/exploit-kit.json | 32 +++++++++++++++++++-------------
 1 file changed, 19 insertions(+), 13 deletions(-)

diff --git a/clusters/exploit-kit.json b/clusters/exploit-kit.json
index d6986f7..9de846d 100755
--- a/clusters/exploit-kit.json
+++ b/clusters/exploit-kit.json
@@ -13,7 +13,13 @@
         ],
 		"status": "Active"
        }
-    }
+    },
+    {
+      "value": "Bingo",
+      "description": "Bingo EK is the name chosen by the defense for a Fiesta-ish EK first spotted in March 2017 and targetting at that times mostly Russia",
+      "meta": {
+        "status": "Active"
+      }
 ,
     { "value": "Terror EK",
       "description": "Terror EK is built on Hunter, Sundown and RIG EK code",
@@ -58,18 +64,7 @@
        }
     }
 ,
-    { "value": "Hunter",
-      "description": "Hunter EK is an evolution of 3Ros EK",
-      "meta": {
-        "refs": [
-          "https://www.proofpoint.com/us/threat-insight/post/Hunter-Exploit-Kit-Targets-Brazilian-Banking-Customers"
-        ],
-        "synonyms": [
-          "3ROS Exploit Kit"
-        ],
-        "status": "Active"
-      }
-    },
+
     {
       "value": "Kaixin",
       "description": "Kaixin is an exploit kit mainly seen behind compromised website in Asia",
@@ -172,6 +167,17 @@
         ],
         "status": "Retired"
       }
+    },  { "value": "Hunter",
+      "description": "Hunter EK is an evolution of 3Ros EK",
+      "meta": {
+        "refs": [
+          "https://www.proofpoint.com/us/threat-insight/post/Hunter-Exploit-Kit-Targets-Brazilian-Banking-Customers"
+        ],
+        "synonyms": [
+          "3ROS Exploit Kit"
+        ],
+        "status": "Retired - Last seen 2017-02-06"
+      }
     },
     {
       "value": "GreenFlash Sundown",