{
	"id": "238858b9-b6e4-4a36-a972-940a683f4a74",
	"created_at": "2026-04-06T00:17:00.857689Z",
	"updated_at": "2026-04-10T13:11:28.134842Z",
	"deleted_at": null,
	"sha1_hash": "7474ab1d5fa272ca37a79b521aae8632d3363c06",
	"title": "Red Alert - Threat Group Cards: A Threat Actor Encyclopedia",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 47441,
	"plain_text": "Red Alert - Threat Group Cards: A Threat Actor Encyclopedia\nArchived: 2026-04-05 15:15:17 UTC\nHome \u003e List all groups \u003e List all tools \u003e List all groups using tool Red Alert\n Tool: Red Alert\nNames\nRed Alert\nRed Alert 2.0\nCategory Malware\nType Banking trojan, Credential stealer\nDescription\n(Bleeping Computer) While Red Alert is a new addition to the mobile banking scene, the trojan works\nsimilarly to past threats. The trojan waits in hiding until the user opens a banking or social media app. When\nthis happens, the trojan shows an HTML-based overlay on top of the original app, alerting the user of an\nerror, and asking him to reauthenticate.\nRed Alert then collects the user's credentials and sends them to its C\u0026C server.\nInformation\nMalpedia\nLast change to this tool card: 22 May 2020\nDownload this tool card in JSON format\nAll groups using tool Red Alert\nChanged Name Country Observed\nUnknown groups\n _[ Interesting malware not linked to an actor yet ]_\n1 group listed (0 APT, 0 other, 1 unknown)\nSource: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4da6a3f3-cfb0-4d8f-ad11-7abe57753e67\nhttps://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4da6a3f3-cfb0-4d8f-ad11-7abe57753e67\nPage 1 of 1",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"ETDA"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=4da6a3f3-cfb0-4d8f-ad11-7abe57753e67"
	],
	"report_names": [
		"listgroups.cgi?u=4da6a3f3-cfb0-4d8f-ad11-7abe57753e67"
	],
	"threat_actors": [],
	"ts_created_at": 1775434620,
	"ts_updated_at": 1775826688,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7474ab1d5fa272ca37a79b521aae8632d3363c06.pdf",
		"text": "https://archive.orkl.eu/7474ab1d5fa272ca37a79b521aae8632d3363c06.txt",
		"img": "https://archive.orkl.eu/7474ab1d5fa272ca37a79b521aae8632d3363c06.jpg"
	}
}