mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add Storm-1567
parent
eb8db810c0
commit
7607dc70cf
|
@ -14662,6 +14662,23 @@
|
|||
},
|
||||
"uuid": "e18dca82-0524-4338-9a66-e13e67c81ac4",
|
||||
"value": "Storm-1152"
|
||||
},
|
||||
{
|
||||
"description": "Storm-1567 is the threat actor behind the Ransomware-as-a-Service Akira. They attacked Swedish organizations in March 2023. This ransomware utilizes the ChaCha encryption algorithm, PowerShell, and Windows Management Instrumentation (WMI). Microsoft's Defender for Endpoint successfully blocked a large-scale hacking campaign carried out by Storm-1567, highlighting the effectiveness of their security solution.",
|
||||
"meta": {
|
||||
"refs": [
|
||||
"https://news.sophos.com/en-us/2023/12/20/cryptoguard-an-asymmetric-approach-to-the-ransomware-battle/",
|
||||
"https://securelist.com/crimeware-report-fakesg-akira-amos/111483/",
|
||||
"https://www.trellix.com/en-us/about/newsroom/stories/research/akira-ransomware.html",
|
||||
"https://blog.sekoia.io/sekoia-io-mid-2023-ransomware-threat-landscape",
|
||||
"https://decoded.avast.io/threatresearch/avast-q2-2023-threat-report/"
|
||||
],
|
||||
"synonyms": [
|
||||
"Akira"
|
||||
]
|
||||
},
|
||||
"uuid": "3a912680-6f38-4fe7-9941-744f0e2280b3",
|
||||
"value": "Storm-1567"
|
||||
}
|
||||
],
|
||||
"version": 298
|
||||
|
|
Loading…
Reference in New Issue