Skip to content

Commit

Permalink
Merge pull request #875 from Mathieu4141/threat-actors/add-void-rabisu
Browse files Browse the repository at this point in the history
[threat-actors] Add Void Rabisu
  • Loading branch information
adulau authored Oct 16, 2023
2 parents fe77114 + 537ef08 commit 8702092
Showing 1 changed file with 34 additions and 0 deletions.
34 changes: 34 additions & 0 deletions clusters/threat-actor.json
Original file line number Diff line number Diff line change
Expand Up @@ -11959,6 +11959,40 @@
],
"uuid": "32eebd31-5e0f-4fb9-b478-26ff4e48aaf4",
"value": "AtlasCross"
},
{
"description": "Void Rabisu is an intrusion set associated with both financially motivated ransomware attacks and targeted campaigns on Ukraine and countries supporting Ukraine.",
"meta": {
"cfr-suspected-victims": [
"Ukraine",
"European Union"
],
"references": [
"https://www.trendmicro.com/en_us/research/23/j/void-rabisu-targets-female-leaders-with-new-romcom-variant.html",
"https://www.trendmicro.com/en_za/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html"
],
"synonyms": [
"Tropical Scorpius"
]
},
"related": [
{
"dest-uuid": "6d9dfc5f-4ebf-404b-ab5e-e6497867fe65",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "uses"
},
{
"dest-uuid": "5f1c11d3-c6ac-4368-a801-cced88a9d93b",
"tags": [
"estimative-language:likelihood-probability=\"likely\""
],
"type": "uses"
}
],
"uuid": "9766d52e-0e5d-4997-9c31-7f2291dcda9e",
"value": "Void Rabisu"
}
],
"version": 285
Expand Down

0 comments on commit 8702092

Please sign in to comment.