-
Notifications
You must be signed in to change notification settings - Fork 6
/
intrusion-set--ead23196-d7b6-4ce6-a124-4ab4b67d81bd.json
68 lines (68 loc) · 2.82 KB
/
intrusion-set--ead23196-d7b6-4ce6-a124-4ab4b67d81bd.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
{
"id": "intrusion-set--ead23196-d7b6-4ce6-a124-4ab4b67d81bd",
"type": "intrusion-set",
"name": "Inception",
"description": "[Inception] is a cyber espionage group active since at least 2014. The group has targeted multiple industries and governmental entities primarily in Russia, but has also been active in the United States and throughout Europe, Asia, Africa, and the Middle East.(Citation: Unit 42 Inception November 2018)(Citation: Symantec Inception Framework March 2018)(Citation: Kaspersky Cloud Atlas December 2014)",
"external_references": [
{
"external_id": "G0100",
"source_name": "mitre-attack",
"url": "https://attack.mitre.org/groups/G0100"
},
{
"source_name": "Inception",
"description": "(Citation: Symantec Inception Framework March 2018)"
},
{
"source_name": "Inception Framework",
"description": "(Citation: Symantec Inception Framework March 2018)"
},
{
"source_name": "Cloud Atlas",
"description": "(Citation: Kaspersky Cloud Atlas December 2014)"
},
{
"source_name": "Unit 42 Inception November 2018",
"url": "https://unit42.paloaltonetworks.com/unit42-inception-attackers-target-europe-year-old-office-vulnerability/",
"description": "Lancaster, T. (2018, November 5). Inception Attackers Target Europe with Year-old Office Vulnerability. Retrieved May 8, 2020."
},
{
"source_name": "Symantec Inception Framework March 2018",
"url": "https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/inception-framework-hiding-behind-proxies",
"description": "Symantec. (2018, March 14). Inception Framework: Alive and Well, and Hiding Behind Proxies. Retrieved May 8, 2020."
},
{
"source_name": "Kaspersky Cloud Atlas December 2014",
"url": "https://securelist.com/cloud-atlas-redoctober-apt-is-back-in-style/68083/",
"description": "GReAT. (2014, December 10). Cloud Atlas: RedOctober APT is back in style. Retrieved May 8, 2020."
}
],
"created_by_ref": "The MITRE Corporation",
"aliases": [
"Inception",
"Inception Framework",
"Cloud Atlas"
],
"modified": "2020-05-20T20:54:12.685Z",
"created": "2020-05-08T17:01:04.058Z",
"x_mitre_contributors": [
"Oleg Skulkin, Group-IB"
],
"x_mitre_version": "1.0",
"attribution": "Russia",
"sophistication": "innovator",
"actor_type": "crime-syndicate",
"sectors": [
"ANY"
],
"target_locations": [
"ANY"
],
"primary_motivation": [
"organizational gain"
],
"goals": [
"steal intellectual property"
],
"first_seen": "2012"
}