From 580d2c693132ba7a08a69e60e3f269acd169de22 Mon Sep 17 00:00:00 2001
From: Mathieu Beligon <mathieu@feedly.com>
Date: Fri, 16 Sep 2022 20:00:45 -0600
Subject: [PATCH] [threat-actors] Add NoName057(16)

---
 clusters/threat-actor.json | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index 48fd6c6f..fa156985 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -9735,6 +9735,33 @@
       },
       "uuid": "fd82cd40-9306-4285-8fae-ad29a9711603",
       "value": "Hezb"
+    },
+    {
+      "description": "NoName057(16) is performing DDoS attacks on websites belonging to governments, news agencies, armies, suppliers, telecommunications companies, transportation authorities, financial institutions, and more in Ukraine and neighboring countries supporting Ukraine, like Ukraine itself, Estonia, Lithuania, Norway, and Poland.",
+      "meta": {
+        "cfr-suspected-victims": [
+          "Ukraine",
+          "Estonia",
+          "Lithuania",
+          "Norway",
+          "Poland"
+        ],
+        "cfr-target-category": [
+          "Financial",
+          "Government",
+          "Military",
+          "Telecommunications",
+          "Transportation"
+        ],
+        "cfr-type-of-incident": [
+          "Denial of service"
+        ],
+        "refs": [
+          "https://decoded.avast.io/martinchlumecky/bobik/"
+        ]
+      },
+      "uuid": "e62937d0-dec6-4c39-a836-e43b1d138df4",
+      "value": "NoName057(16)"
     }
   ],
   "version": 247