From 72e085aba92dfecbc304d01c0e92e6e9c0fe1f4e Mon Sep 17 00:00:00 2001
From: StefanKelm <StefanKelm@users.noreply.github.com>
Date: Wed, 2 Dec 2020 11:44:29 +0100
Subject: [PATCH] Update threat-actor.json

OceanLotus
---
 clusters/threat-actor.json | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 23c5178..dc55034 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -4481,7 +4481,8 @@
           "https://www.cfr.org/interactive/cyber-operations/ocean-lotus",
           "https://www.accenture.com/us-en/blogs/blogs-pond-loach-delivers-badcake-malware",
           "https://www.secureworks.com/research/threat-profiles/tin-woodlawn",
-          "https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/"
+          "https://www.volexity.com/blog/2020/11/06/oceanlotus-extending-cyber-espionage-operations-through-fake-websites/",
+          "https://www.trendmicro.com/en_us/research/20/k/new-macos-backdoor-connected-to-oceanlotus-surfaces.html"
         ],
         "synonyms": [
           "OceanLotus Group",
@@ -8499,5 +8500,5 @@
       "value": "Operation Skeleton Key"
     }
   ],
-  "version": 191
+  "version": 192
 }