Trusted Design

The NetTraveler

Overview

cyber-espionage campaigns that have successfully compromised more than 350 high profile victims in 40 countries. The focus of the paper is to describe NetTraveler, which is the main tool used by the threat actors during these attacks.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

LAPSUS$

Score: 8.38
Matched TTPs:
  • T1216.001 - PubPrn
  • T1193 - Spearphishing Attachment

Contagious Interview

Score: 22.31
Matched TTPs:
  • T1044 - File System Permissions Weakness
  • T1091 - Replication Through Removable Media
  • T1021.006 - Windows Remote Management
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication
  • T1690 - Prevent Command History Logging

Ember Bear

Score: 6.88
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1056.002 - GUI Input Capture

Sandworm Team

Score: 25.12
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1193 - Spearphishing Attachment
  • T1049 - System Network Connections Discovery
  • T1102.003 - One-Way Communication
  • T1547.002 - Authentication Package
  • T1546.016 - Installer Packages

Mustard Tempest

Score: 6.51
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1091 - Replication Through Removable Media

HAFNIUM

Score: 13.32
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1049 - System Network Connections Discovery
  • T1608.005 - Link Target
  • T1552.008 - Chat Messages

APT5

Score: 3.84
Matched TTPs:
  • T1027.008 - Stripped Payloads

Ke3chang

Score: 3.84
Matched TTPs:
  • T1027.008 - Stripped Payloads

Kimsuky

Score: 31.03
Matched TTPs:
  • T1583.005 - Botnet
  • T1091 - Replication Through Removable Media
  • T1152 - Launchctl
  • T1683.001 - Written Content
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1102.003 - One-Way Communication
  • T1690 - Prevent Command History Logging
  • T1547.002 - Authentication Package

Velvet Ant

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet

Salt Typhoon

Score: 6.88
Matched TTPs:
  • T1583.005 - Botnet
  • T1553.002 - Code Signing

APT33

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet

UNC3886

Score: 7.17
Matched TTPs:
  • T1583.005 - Botnet
  • T1021.006 - Windows Remote Management

DarkVishnya

Score: 3.03
Matched TTPs:
  • T1583.005 - Botnet

APT28

Score: 22.15
Matched TTPs:
  • T1583.005 - Botnet
  • T1152 - Launchctl
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1056.002 - GUI Input Capture
  • T1547.002 - Authentication Package
  • T1146 - Clear Command History

FIN13

Score: 6.37
Matched TTPs:
  • T1553.002 - Code Signing
  • T1552.003 - Shell History

Volt Typhoon

Score: 32.13
Matched TTPs:
  • T1553.002 - Code Signing
  • T1164 - Re-opened Applications
  • T1049 - System Network Connections Discovery
  • T1057 - Process Discovery
  • T1552.008 - Chat Messages
  • T1102.003 - One-Way Communication
  • T1056.002 - GUI Input Capture
  • T1546.016 - Installer Packages
  • T1574.002 - DLL Side-Loading

TA2541

Score: 7.14
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1546.017 - Udev Rules

Earth Lusca

Score: 10.44
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1546.016 - Installer Packages

Mustang Panda

Score: 7.27
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1102.003 - One-Way Communication

LazyScripter

Score: 3.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target

Gamaredon Group

Score: 16.82
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1056.002 - GUI Input Capture
  • T1061 - Graphical User Interface
  • T1547.002 - Authentication Package
  • T1546.017 - Udev Rules

Star Blizzard

Score: 5.26
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1102.003 - One-Way Communication

Threat Group-3390

Score: 9.26
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.003 - CMSTP
  • T1546.017 - Udev Rules

APT32

Score: 3.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target

HEXANE

Score: 4.37
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1547.002 - Authentication Package

Saint Bear

Score: 3.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target

Moonstone Sleet

Score: 5.26
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1057 - Process Discovery

FIN7

Score: 9.67
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1547.002 - Authentication Package

EXOTIC LILY

Score: 10.36
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1149 - LC_MAIN Hijacking
  • T1690 - Prevent Command History Logging

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1055.003 - Thread Execution Hijacking

Medusa Group

Score: 11.41
Matched TTPs:
  • T1218.003 - CMSTP
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1056.002 - GUI Input Capture

Winter Vivern

Score: 8.16
Matched TTPs:
  • T1548 - Abuse Elevation Control Mechanism
  • T1218.001 - Compiled HTML File

Dragonfly

Score: 6.68
Matched TTPs:
  • T1193 - Spearphishing Attachment
  • T1546.016 - Installer Packages

Axiom

Score: 8.16
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1160 - Launch Daemon

Turla

Score: 10.87
Matched TTPs:
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1547.002 - Authentication Package
  • T1546.016 - Installer Packages

ZIRCONIUM

Score: 7.16
Matched TTPs:
  • T1608.005 - Link Target
  • T1056.002 - GUI Input Capture
  • T1547.002 - Authentication Package

MuddyWater

Score: 4.41
Matched TTPs:
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package

APT29

Score: 4.76
Matched TTPs:
  • T1608.005 - Link Target
  • T1056.002 - GUI Input Capture

Lazarus Group

Score: 10.53
Matched TTPs:
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1547.002 - Authentication Package
  • T1546.016 - Installer Packages

POLONIUM

Score: 4.41
Matched TTPs:
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package

Magic Hound

Score: 4.41
Matched TTPs:
  • T1608.005 - Link Target
  • T1547.002 - Authentication Package

Indrik Spider

Score: 6.68
Matched TTPs:
  • T1552.008 - Chat Messages
  • T1546.016 - Installer Packages

Leviathan

Score: 8.73
Matched TTPs:
  • T1056.002 - GUI Input Capture
  • T1546.016 - Installer Packages
  • T1546.017 - Udev Rules

CURIUM

Score: 3.62
Matched TTPs:
  • T1218.001 - Compiled HTML File

APT41

Score: 4.13
Matched TTPs:
  • T1574.002 - DLL Side-Loading

Molerats

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules

Higaisa

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules

Mofang

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules

Threat actors related to this Pulse (inference-based)

Volt Typhoon

Score: 0.84
Matched TTPs:
  • T1056.002 - GUI Input Capture
  • T1553.002 - Code Signing
  • T1546.016 - Installer Packages
  • T1574.002 - DLL Side-Loading
  • T1552.008 - Chat Messages
  • T1057 - Process Discovery
  • T1164 - Re-opened Applications
  • T1049 - System Network Connections Discovery
  • T1102.003 - One-Way Communication

Kimsuky

Score: 0.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1690 - Prevent Command History Logging
  • T1683.001 - Written Content
  • T1583.005 - Botnet
  • T1547.002 - Authentication Package
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1091 - Replication Through Removable Media
  • T1152 - Launchctl
  • T1102.003 - One-Way Communication

Sandworm Team

Score: 0.68
Matched TTPs:
  • T1546.016 - Installer Packages
  • T1564.008 - Email Hiding Rules
  • T1583.005 - Botnet
  • T1102.003 - One-Way Communication
  • T1547.002 - Authentication Package
  • T1049 - System Network Connections Discovery
  • T1091 - Replication Through Removable Media
  • T1193 - Spearphishing Attachment

APT28

Score: 0.61
Matched TTPs:
  • T1583.005 - Botnet
  • T1146 - Clear Command History
  • T1547.002 - Authentication Package
  • T1608.005 - Link Target
  • T1057 - Process Discovery
  • T1056.002 - GUI Input Capture
  • T1152 - Launchctl

Contagious Interview

Score: 0.58
Matched TTPs:
  • T1690 - Prevent Command History Logging
  • T1044 - File System Permissions Weakness
  • T1608.005 - Link Target
  • T1091 - Replication Through Removable Media
  • T1552.003 - Shell History
  • T1021.006 - Windows Remote Management
  • T1102.003 - One-Way Communication

Related CVEs

No CVEs were found for this Pulse.
