MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

[threat-actors] Add Dalbit

pull/890/head
Mathieu4141 2023-11-07 10:37:08 -08:00
parent 56f990d100
commit f52382a29a
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
clusters/threat-actor.json
View File

@ -12797,6 +12797,20 @@
},
"uuid": "87f1ab70-a102-4566-a09e-838b39c18a62",
"value": "BlueBottle"
},
{
"description": "The group usually targets vulnerable servers to breach information including internal data from companies or encrypts files and demands money. Their targets of attack are usually Windows servers that are poorly managed or are not patched to the latest version. Besides these, there are also attack cases that targeted email servers or MS-SQL database servers.",
"meta": {
"country": "CN",
"refs": [
"https://asec.ahnlab.com/en/56941/",
"https://asec.ahnlab.com/en/56236/",
"https://asec.ahnlab.com/en/47455/",
"https://blog.sekoia.io/my-teas-not-cold-an-overview-of-china-cyber-threat/"
]
},
"uuid": "be4ea668-6a74-44d9-946e-e98e64a8855b",
"value": "Dalbit"
}
],
"version": 293