[threat-actors] Keep meta from old Xenotime

pull/765/head
Mathieu Beligon 2022-09-13 11:40:17 -07:00
parent 273c7c9b97
commit e1f5d3b5d8
1 changed files with 5 additions and 1 deletions


@ -7109,6 +7109,8 @@
{ {
"description": "TEMP.Veles is a Russia-based threat group that has targeted critical infrastructure. The group has been observed utilizing TRITON, a malware framework designed to manipulate industrial safety systems.", "description": "TEMP.Veles is a Russia-based threat group that has targeted critical infrastructure. The group has been observed utilizing TRITON, a malware framework designed to manipulate industrial safety systems.",
"meta": { "meta": {
"capabilities": "TRISIS, custom credential harvesting",
"mode-of-operation": "Focused on physical destruction and long-term persistence",
"refs": [ "refs": [
"https://dragos.com/resource/trisis-analyzing-safety-system-targeting-malware/", "https://dragos.com/resource/trisis-analyzing-safety-system-targeting-malware/",
"https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html", "https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html",
@ -7116,11 +7118,13 @@
"https://cyberthreat.thalesgroup.com/attackers/ATK91", "https://cyberthreat.thalesgroup.com/attackers/ATK91",
"https://www.dragos.com/threat/xenotime/" "https://www.dragos.com/threat/xenotime/"
], ],
"since": "2014",
"synonyms": [ "synonyms": [
"Xenotime", "Xenotime",
"G0088", "G0088",
"ATK91" "ATK91"
] ],
"victimology": "Oil and Gas, Middle East"
}, },
"uuid": "90abfc42-91c6-11e9-89b1-af58de8f7ec2", "uuid": "90abfc42-91c6-11e9-89b1-af58de8f7ec2",
"value": "TEMP.Veles" "value": "TEMP.Veles"
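Review bot: The added `capabilities` value in the first hunk names the malware `TRISIS`, while the unchanged `description` of the same entry calls it `TRITON`, so a consumer matching on one vendor's name will miss the other; consider `"capabilities": "TRISIS (TRITON), custom credential harvesting"` or using one name throughout the entry. The new `victimology` string in the second hunk packs a sector and a region into one comma-separated value (`"Oil and Gas, Middle East"`), which is awkward to filter or correlate on. If the cluster already uses separate sector and region keys elsewhere in the file (not visible in these hunks), those would be the better home. The carried-over keys presumably reflect the old Xenotime entry's source assessment, so it is worth confirming that `since` and `mode-of-operation` still agree with the merged entry's `description` and `refs`.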