mirror of https://github.com/MISP/misp-galaxy
[threat-actors] Add Gitloker
parent
fb177f95db
commit
b317c4ff6b
|
@ -16099,6 +16099,17 @@
|
||||||
},
|
},
|
||||||
"uuid": "fd17cd3c-5131-4907-be7d-83a0c7dabd36",
|
"uuid": "fd17cd3c-5131-4907-be7d-83a0c7dabd36",
|
||||||
"value": "UTG-Q-008"
|
"value": "UTG-Q-008"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "Gitloker is a threat actor group targeting GitHub repositories, wiping their contents, and extorting victims for their data. They use stolen credentials to compromise accounts, claim to have created a backup, and instruct victims to contact them on Telegram. The attackers leave a ransom note in the form of a README file, urging victims to negotiate the return of their data. GitHub is working to combat these evolving attacks and the vulnerabilities they exploit.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://www.itsecurityguru.org/2024/06/13/guest-blog-proactive-application-security-learning-from-the-recent-github-extortion-campaigns/",
|
||||||
|
"https://www.bleepingcomputer.com/news/security/new-gitloker-attacks-wipe-github-repos-in-extortion-scheme/"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "75cc313a-6a95-4ab8-b7f8-bfd7e4a7fe00",
|
||||||
|
"value": "Gitloker"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 310
|
"version": 310
|
||||||
|
|
Loading…
Reference in New Issue