misp-galaxy/clusters/tds.json


{
"authors": [
"Kafeine"
],
"category": "tool",
"description": "TDS is a list of Traffic Direction Systems used by adversaries",
"name": "TDS",
"source": "MISP Project",
"type": "tds",
"uuid": "ab5fffaa-c5f6-11e6-9d9d-cec0c932ce01",
"values": [
{
"description": "Keitaro TDS is among the most used TDS in drive-by infection chains",
"meta": {
"refs": [
"https://keitarotds.com/"
],
"type": [
"Commercial"
]
},
"uuid": "94c57fc0-4477-4643-b539-55ba8c455df6",
"value": "Keitaro"
},
{
"description": "BlackTDS is a mutualised TDS advertised underground since the end of December 2017",
"meta": {
"refs": [
"https://blacktds[.com/"
],
"type": [
"Underground"
]
},
"uuid": "d5c0cf8d-8ed0-4fa2-a2e6-7274516ea1c8",
"value": "BlackTDS"
},
{
"description": "ShadowTDS has been advertised underground since 2016-02. It is in fact more like a social engineering kit focused on Android that embeds a TDS",
"meta": {
"type": [
"Underground"
]
},
"uuid": "2680a4b1-84d1-4af0-8126-4429a90f8ef8",
"value": "ShadowTDS"
},
{
"description": "Sutra TDS was dominant from 2012 till 2015",
"meta": {
"refs": [
"http://kytoon.com/sutra-tds.html"
],
"type": [
"Commercial"
]
},
"uuid": "67f21003-bbc8-4993-b615-f990e539929f",
"value": "Sutra"
},
{
"description": "SimpleTDS is a basic open source TDS",
"meta": {
"refs": [
"https://sourceforge.net/projects/simpletds/"
],
"synonyms": [
"Stds"
],
"type": [
"OpenSource"
]
},
"uuid": "aa179c37-1a8a-4761-841a-cc940e19d7be",
"value": "SimpleTDS"
},
{
"description": "zTDS is an open source TDS",
"meta": {
"refs": [
"http://ztds.info/doku.php"
],
"type": [
"OpenSource"
]
},
"uuid": "7a84de25-545a-4220-b500-85b9219dd67d",
"value": "zTDS"
},
{
"description": "BossTDS",
"meta": {
"refs": [
"http://bosstds.com/"
],
"type": [
"Commercial"
]
},
"uuid": "5a483b4b-671a-4113-9b99-a115d2d2d644",
"value": "BossTDS"
},
{
"description": "BlackHat TDS is sold underground.",
"meta": {
"refs": [
"http://malware.dontneedcoffee.com/2014/04/meet-blackhat-tds.html"
],
"type": [
"Underground"
]
},
"uuid": "36aa3b2d-4927-45e5-be08-f30144fd1909",
"value": "BlackHat TDS"
},
{
"description": "Futuristic TDS is the TDS component of BlackOS/CookieBomb/NorthTale Iframer",
"meta": {
"type": [
"Underground"
]
},
"uuid": "19d8eab9-72d5-4f22-affb-c0d6aed66346",
"value": "Futuristic TDS"
},
{
"description": "Orchid TDS was sold underground. Usage is rare.",
"meta": {
"type": [
"Underground"
]
},
"uuid": "ec0048f2-a7b2-4a71-83de-6e8fe4fef252",
"value": "Orchid TDS"
},
{
"description": "Proofpoint has tracked the 404 TDS since at least September 2022. Proofpoint is not aware whether this is a service sold on underground forums, but it is likely a shared or sold tool due to its involvement in a variety of phishing and malware campaigns.",
"meta": {
"refs": [
"https://www.proofpoint.com/us/blog/threat-insight/screentime-sometimes-it-feels-like-somebodys-watching-me"
],
"type": [
"Underground"
]
},
"uuid": "7b956ff0-9021-499c-82a4-24b958cb32d9",
"value": "404 TDS"
}
],
"version": 5
}