[threat-actors] Add DarkRaaS

clusters/threat-actor.json

@@ -17108,6 +17108,18 @@
       },
       "uuid": "793280d5-d28c-4d4a-87b6-487ba9d9fbd1",
       "value": "IcePeony"
+    },
+    {
+      "description": "DarkRaaS is a threat actor specializing in selling unauthorized access to various organizations' systems and networks across multiple countries, with a recent focus on targets in Israel, UAE, Turkey, and South America 4 9 20. The group has been operating for at least six years and typically offers access to sensitive data, internal systems, and infrastructure, with prices ranging up to $25,000 for VPN access 4 9. Their targets span various sectors including government institutions, educational facilities, oil and gas companies, and IT organizations, often claiming to have access to multiple terabytes of sensitive data 7 19.",
+      "meta": {
+        "refs": [
+          "https://cyberpress.org/darkraas-ransomware-oil-gas-company/",
+          "https://cyberpress.org/darkraas-ransomware-intelligence-data/",
+          "https://dailydarkweb.net/darkraas-allegedly-breached-a-major-oil-and-gas-company/"
+        ]
+      },
+      "uuid": "0c18304e-e65f-4881-94e1-cc2d621ec563",
+      "value": "DarkRaaS"
     }
   ],
   "version": 318