opencti icon indicating copy to clipboard operation
opencti copied to clipboard
verified publisher icon OpenCTI-Platform

Additional Observable/Indicator Types - Credit Card, Bank Card,Phone Number

Open jamieSecOps opened this issue 3 years ago • 1 comments

Use case

Track Threat actors by phone number usage Determine if leaked credit card info gathered from dark web match observed victim credit cards

Current Workaround

Can't workaround

Proposed Solution

Create new Observable/Indicator Types - Credit Card, Bank Card,Phone Number Phone number - international format e.g. +14155552671

Additional Information

These are useful observable types I've used before in a TIP

If the feature request is approved, would you be willing to submit a PR?

No - (not sure what this entails)

jamieSecOps avatar Jul 25 '22 15:07 jamieSecOps

I would also add to this Crypto wallet identifiers

ckane avatar Jul 25 '22 15:07 ckane

I know this has been accepted into a milestone, but also wanted to add that I cannot find a clearly defined observable to add in communication types like Jabber/XMPP, Telegram, ICQ, Tox, Discord, Element, etc.

Astral-Reaper avatar Aug 21 '22 14:08 Astral-Reaper

@ckane Crypto Wallet identifier is already implemented, do you have something else in mind? @Astral-Reaper Jabber/XMPP/Telegram/ICQ, etc. are User-Account no?

"The User Account object represents an instance of any type of user account, including but not limited to operating system, device, messaging service, and social media platform accounts. As all properties of this object are optional, at least one of the properties defined below MUST be included when using this object."

SamuelHassine avatar Aug 28 '22 07:08 SamuelHassine