From c11834aec420254d9dc1fcca8574a91631c9e1c7 Mon Sep 17 00:00:00 2001
From: Mathieu4141 <mathieu@feedly.com>
Date: Thu, 29 Feb 2024 10:38:27 -0800
Subject: [PATCH] [threat-actors] Add R00tK1T

---
 clusters/threat-actor.json | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json
index d6c47e0..49dcfab 100644
--- a/clusters/threat-actor.json
+++ b/clusters/threat-actor.json
@@ -15312,6 +15312,18 @@
       },
       "uuid": "95634994-9604-4fe6-9462-f472c2d82271",
       "value": "Mogilevich"
+    },
+    {
+      "description": "R00TK1T is a hacking group known for sophisticated cyber attacks targeting governmental agencies in Malaysia, including data exfiltration from the National Population and Family Development Board. The group has publicized their successful attacks on social media, showcasing stolen data. R00TK1T has also targeted Malaysian telecom providers, defacing portals and potentially breaching user data. ",
+      "meta": {
+        "country": "IL",
+        "refs": [
+          "https://logrhythm.com/blog/how-government-agencies-can-defend-against-exfiltration-tactics/",
+          "https://cyble.com/blog/cyble-chronicles-february-1-latest-findings-recommendations-for-the-cybersecurity-community/"
+        ]
+      },
+      "uuid": "69a944ef-4962-432e-a1b9-575b646ee2ed",
+      "value": "R00tK1T"
     }
   ],
   "version": 302