MISP
/
misp-galaxy
mirror of https://github.com/MISP/misp-galaxy
2
0
Fork 0
Code Issues Releases Wiki Activity

[threat-actors] Add Chernovite

pull/896/head
Mathieu4141 2023-11-16 07:10:18 -08:00
parent 03d16eba61
commit f759525c25
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
clusters/threat-actor.json
View File

@ -13028,6 +13028,20 @@
},
"uuid": "fcb18ca2-ea45-4f5c-a827-ed8b6b697a08",
"value": "VulzSecTeam"
},
{
"description": "Chernovite is a highly capable and sophisticated threat actor group that has developed a modular ICS malware framework called PIPEDREAM. They are known for targeting industrial control systems and operational technology environments, with the ability to disrupt, degrade, and potentially destroy physical processes. Chernovite has demonstrated a deep understanding of ICS protocols and intrusion techniques, making them a significant threat to critical infrastructure sectors.",
"meta": {
"country": "RU",
"refs": [
"https://www.dragos.com/blog/pipedream-mousehole-opcua-module/",
"https://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems/",
"https://www.dragos.com/threats/the-2022-ics-ot-vulnerability-briefing-recap/",
"https://www.dragos.com/blog/responding-to-chernovites-pipedream-with-dragos-global-services/"
]
},
"uuid": "2ce00149-9a25-4dea-8dd5-59bdb68d11a1",
"value": "Chernovite"
}
],
"version": 294