mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add Earth Kitsune
parent
5d6bcf5e55
commit
6e7e5e60ce
|
@ -13101,6 +13101,19 @@
|
|||
},
|
||||
"uuid": "ab376039-4ede-4dfc-a45b-c80d9d994657",
|
||||
"value": "FusionCore"
|
||||
},
|
||||
{
|
||||
"description": "Earth Kitsune is an advanced persistent threat actor that has been active since at least 2019. They primarily target individuals interested in North Korea and use various tactics, such as compromising websites and employing social engineering, to distribute self-developed backdoors. Earth Kitsune demonstrates technical proficiency and continuously evolves their tools, tactics, and procedures. They have been associated with malware such as WhiskerSpy and SLUB.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://www.trendmicro.com/en_us/research/23/b/earth-kitsune-delivers-new-whiskerspy-backdoor.html",
|
||||
"https://www.trendmicro.com/en_us/research/20/l/who-is-the-threat-actor-behind-operation-earth-kitsune-.html",
|
||||
"https://www.trendmicro.com/en_us/research/20/j/operation-earth-kitsune-a-dance-of-two-new-backdoors.html",
|
||||
"https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-earth-kitsune-tracking-slub-s-current-operations/"
|
||||
]
|
||||
},
|
||||
"uuid": "a9f29636-26e4-42f0-95d1-7a49dd6f0a79",
|
||||
"value": "Earth Kitsune"
|
||||
}
|
||||
],
|
||||
"version": 294
|
||||
|
|
Loading…
Reference in New Issue