• Last Updated
    Feb 19, 2025
  • Version
    3.5.2
  • Compatibility
    ThreatQ versions >= v5.20.0
  • Group-IB

    Overview

    Group-IB provides solutions for detecting and preventing cyberattacks and online fraud, and for IP protection.
    The Group-IB CDF for ThreatQ provides the following feeds:
    • GroupIB Compromised Account
    • GroupIB Compromised Bank Card
    • GroupIB Compromised Data Git Leaks
    • GroupIB Compromised Data Mules
    • GroupIB Compromised Data IMEI
    • GroupIB Compromised IM Discord
    • GroupIB Compromised IM Telegram
    • GroupIB Compromised Masked Band Card
    • GroupIB Compromised Shops
    • GroupIB Human Intelligence Threat
    • GroupIB Human Intelligence Threat Actor
    • GroupIB APT Threat
    • GroupIB APT Threat Actor
    • GroupIB Malware C2
    • GroupIB Suspicious IP Open Proxy
    • GroupIB Suspicious IP Socks Proxy
    • GroupIB Suspicious IP VPN
    • GroupIB Malware Configs
    • GroupIB Suspicious IP Tor Node
    • GroupIB Suspicious IP Scanner
    • GroupIB Malware Report
    • GroupIB Malware Signature
    • GroupIB Malware YARA Rule
    • GroupIB Malware Vulnerability
    • GroupIB Attacks DDoS
    • GroupIB Attacks Deface
    • GroupIB Attacks Phishing
    • GroupIB Attacks Phishing Group
    • GroupIB Attacks Abuse Phishing Kit
    • GroupIB OSI PublicLeak
    • GroupIB IOC Common
    Object types ingested from the feeds above include:
    • Adversaries
    • Asset
    • Attack Patterns
    • Compromised Accounts (custom object)
    • Compromised Cards (custom object)
    • Discord Channel (custom object)
    • Identities
    • Indicators
    • Intrusion Sets
    • IMEIs (custom object)
    • Malware
    • Money Mule (custom object)
    • Organizations (custom object)
    • Reports
    • Signatures
    • Telegram Channel (custom object)
    • Tools
    • Tags
    • Vulnerabilities
