Pulse Detail-

Stealthy Cyberespionage Campaign Attacks With Social Engineering

概要

The McAfee Labs research team has tracked an advanced persistent threat for the past couple of months. This group has evolved a lot in sophistication and evasion techniques to defeat detection by security products. This group has been active since at least 2014 and uses spear-phishing campaigns to target enterprises. We have observed this group targeting defense, aerospace, and legal sector companies.

Created: 2026-02-23

Indicators

類似Pulses

Uncovering the Seven Pointed Dagger (score: 0.70)
Fidelis Threat Advisory #1017: Phishing in Plain Sight (score: 0.69)
New Attacks Linked to C0d0s0 Group (score: 0.66)
New Spear Phishing Campaign Pretends to be EFF (score: 0.65)
Tick cyberespionage group zeros in on Japan (score: 0.64)

このPulseに関連する脅威アクター (事実ベース)

LAPSUS$

Score: 31.75

Matched TTPs:

T1597.002 - Purchase Technical Data
T1586.002 - Email Accounts
T1598.004 - Spearphishing Voice
T1591.002 - Business Relationships
T1204 - User Execution
T1589.001 - Credentials
T1656 - Impersonation
T1591.004 - Identify Roles
T1003.003 - NTDS

MITREへのリンク →

Contagious Interview

Score: 27.99

Matched TTPs:

T1588.007 - Artificial Intelligence
T1587.001 - Malware
T1681 - Search Threat Vendor Data
T1657 - Financial Theft
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1593.001 - Social Media
T1656 - Impersonation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Ember Bear

Score: 9.47

Matched TTPs:

T1491.002 - External Defacement
T1195 - Supply Chain Compromise
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sandworm Team

Score: 40.70

Matched TTPs:

T1491.002 - External Defacement
T1594 - Search Victim-Owned Websites
T1587.001 - Malware
T1586.001 - Social Media Accounts
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1195 - Supply Chain Compromise
T1591.002 - Business Relationships
T1584.005 - Botnet
T1593 - Search Open Websites/Domains
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Volt Typhoon

Score: 34.48

Matched TTPs:

T1584.008 - Network Devices
T1594 - Search Victim-Owned Websites
T1590.006 - Network Security Appliances
T1584.005 - Botnet
T1591 - Gather Victim Org Information
T1593 - Search Open Websites/Domains
T1591.004 - Identify Roles
T1518 - Software Discovery
T1596.005 - Scan Databases
T1003.003 - NTDS

MITREへのリンク →

APT28

Score: 42.97

Matched TTPs:

T1584.008 - Network Devices
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1557.004 - Evil Twin
T1596 - Search Open Technical Databases
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1589.001 - Credentials
T1203 - Exploitation for Client Execution
T1598 - Phishing for Information
T1498 - Network Denial of Service
T1003.003 - NTDS
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

ZIRCONIUM

Score: 12.98

Matched TTPs:

T1584.008 - Network Devices
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1583.006 - Web Services
T1598 - Phishing for Information

MITREへのリンク →

Leviathan

Score: 21.30

Matched TTPs:

T1584.008 - Network Devices
T1586.001 - Social Media Accounts
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1534 - Internal Spearphishing
T1589.001 - Credentials
T1203 - Exploitation for Client Execution

MITREへのリンク →

Mustard Tempest

Score: 10.52

Matched TTPs:

T1583.008 - Malvertising
T1566.002 - Spearphishing Link
T1608.006 - SEO Poisoning

MITREへのリンク →

Silent Librarian

Score: 5.74

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1598.003 - Spearphishing Link

MITREへのリンク →

Kimsuky

Score: 52.98

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1587.001 - Malware
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1596 - Search Open Technical Databases
T1593.002 - Search Engines
T1657 - Financial Theft
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1534 - Internal Spearphishing
T1593 - Search Open Websites/Domains
T1566 - Phishing
T1593.001 - Social Media
T1656 - Impersonation
T1598 - Phishing for Information
T1588.003 - Code Signing Certificates

MITREへのリンク →

EXOTIC LILY

Score: 13.47

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1593.001 - Social Media
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA578

Score: 5.30

Matched TTPs:

T1594 - Search Victim-Owned Websites
T1583.006 - Web Services

MITREへのリンク →

FIN13

Score: 6.96

Matched TTPs:

T1587.001 - Malware
T1657 - Financial Theft
T1003.003 - NTDS

MITREへのリンク →

Moonstone Sleet

Score: 14.68

Matched TTPs:

T1587.001 - Malware
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1591 - Gather Victim Org Information
T1598 - Phishing for Information
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 13.73

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 18.10

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1195 - Supply Chain Compromise
T1203 - Exploitation for Client Execution
T1588.003 - Code Signing Certificates
T1566.003 - Spearphishing via Service

MITREへのリンク →

UNC3886

Score: 7.72

Matched TTPs:

T1587.001 - Malware
T1681 - Search Threat Vendor Data
T1203 - Exploitation for Client Execution

MITREへのリンク →

LuminousMoth

Score: 3.54

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link

MITREへのリンク →

APT29

Score: 13.11

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Play

Score: 4.62

Matched TTPs:

T1587.001 - Malware
T1657 - Financial Theft

MITREへのリンク →

Aoqin Dragon

Score: 3.59

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

RedCurl

Score: 4.42

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Turla

Score: 9.18

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1583.006 - Web Services
T1584.006 - Web Services

MITREへのリンク →

Ke3chang

Score: 4.44

Matched TTPs:

T1587.001 - Malware
T1003.003 - NTDS

MITREへのリンク →

Mustang Panda

Score: 24.57

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1203 - Exploitation for Client Execution
T1518 - Software Discovery
T1588.003 - Code Signing Certificates
T1003.003 - NTDS

MITREへのリンク →

FIN7

Score: 17.87

Matched TTPs:

T1587.001 - Malware
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1674 - Input Injection
T1583.006 - Web Services
T1591 - Gather Victim Org Information
T1591.004 - Identify Roles

MITREへのリンク →

BlackTech

Score: 6.97

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1588.003 - Code Signing Certificates

MITREへのリンク →

MuddyWater

Score: 8.57

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

Confucius

Score: 5.83

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sidewinder

Score: 12.64

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

Elderwood

Score: 3.81

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

Transparent Tribe

Score: 3.81

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

FIN8

Score: 5.47

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1588.003 - Code Signing Certificates

MITREへのリンク →

APT32

Score: 8.29

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT33

Score: 7.95

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1552.006 - Group Policy Preferences
T1203 - Exploitation for Client Execution

MITREへのリンク →

Magic Hound

Score: 22.93

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1586.002 - Email Accounts
T1583.006 - Web Services
T1592.002 - Software
T1589.001 - Credentials
T1591.001 - Determine Physical Locations
T1566.003 - Spearphishing via Service

MITREへのリンク →

Windshift

Score: 7.59

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1518 - Software Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Cobalt Group

Score: 3.81

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA2541

Score: 4.33

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services

MITREへのリンク →

Earth Lusca

Score: 7.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1583.006 - Web Services
T1584.006 - Web Services

MITREへのリンク →

Storm-1811

Score: 16.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.004 - Spearphishing Voice
T1667 - Email Bombing
T1656 - Impersonation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Wizard Spider

Score: 11.95

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1552.006 - Group Policy Preferences
T1588.003 - Code Signing Certificates
T1003.003 - NTDS

MITREへのリンク →

TA577

Score: 4.11

Matched TTPs:

T1566.002 - Spearphishing Link
T1586.002 - Email Accounts

MITREへのリンク →

Patchwork

Score: 6.27

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution

MITREへのリンク →

LazyScripter

Score: 4.33

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1583.006 - Web Services

MITREへのリンク →

APT42

Score: 4.48

Matched TTPs:

T1566.002 - Spearphishing Link
T1656 - Impersonation

MITREへのリンク →

Scattered Spider

Score: 22.06

Matched TTPs:

T1598.003 - Spearphishing Link
T1598.004 - Spearphishing Voice
T1657 - Financial Theft
T1204 - User Execution
T1656 - Impersonation
T1598 - Phishing for Information
T1003.003 - NTDS

MITREへのリンク →

Star Blizzard

Score: 12.91

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1598.002 - Spearphishing Attachment
T1593 - Search Open Websites/Domains

MITREへのリンク →

CURIUM

Score: 9.48

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1584.006 - Web Services
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 14.63

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1591.002 - Business Relationships
T1598.002 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Saint Bear

Score: 7.41

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1656 - Impersonation

MITREへのリンク →

Tropic Trooper

Score: 5.11

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

FIN6

Score: 5.74

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1003.003 - NTDS
T1566.003 - Spearphishing via Service

MITREへのリンク →

BRONZE BUTLER

Score: 5.11

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

menuPass

Score: 3.22

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1003.003 - NTDS

MITREへのリンク →

Threat Group-3390

Score: 5.52

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1588.003 - Code Signing Certificates

MITREへのリンク →

Gamaredon Group

Score: 6.51

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1583.006 - Web Services
T1534 - Internal Spearphishing

MITREへのリンク →

Inception

Score: 5.11

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

Ajax Security Team

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT41

Score: 11.87

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1203 - Exploitation for Client Execution
T1656 - Impersonation
T1596.005 - Scan Databases
T1003.003 - NTDS

MITREへのリンク →

Winter Vivern

Score: 4.50

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1584.006 - Web Services

MITREへのリンク →

Malteiro

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1657 - Financial Theft

MITREへのリンク →

SideCopy

Score: 7.24

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1518 - Software Discovery

MITREへのリンク →

Andariel

Score: 6.21

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1592.002 - Software
T1203 - Exploitation for Client Execution

MITREへのリンク →

IndigoZebra

Score: 5.55

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1583.006 - Web Services

MITREへのリンク →

HEXANE

Score: 12.66

Matched TTPs:

T1586.002 - Email Accounts
T1534 - Internal Spearphishing
T1591.004 - Identify Roles
T1518 - Software Discovery

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1659 - Content Injection

MITREへのリンク →

HAFNIUM

Score: 12.51

Matched TTPs:

T1592.004 - Client Configurations
T1584.005 - Botnet
T1583.006 - Web Services
T1003.003 - NTDS

MITREへのリンク →

Axiom

Score: 8.40

Matched TTPs:

T1584.005 - Botnet
T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

INC Ransom

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

Medusa Group

Score: 6.88

Matched TTPs:

T1657 - Financial Theft
T1583.006 - Web Services
T1003.003 - NTDS

MITREへのリンク →

Sea Turtle

Score: 4.78

Matched TTPs:

T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

Chimera

Score: 5.78

Matched TTPs:

T1589.001 - Credentials
T1003.003 - NTDS

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.82

Matched TTPs:

T1657 - Financial Theft
T1587.001 - Malware
T1566 - Phishing
T1593.002 - Search Engines
T1534 - Internal Spearphishing
T1656 - Impersonation
T1598.003 - Spearphishing Link
T1598 - Phishing for Information
T1591 - Gather Victim Org Information
T1594 - Search Victim-Owned Websites
T1588.003 - Code Signing Certificates
T1586.002 - Email Accounts
T1593.001 - Social Media
T1596 - Search Open Technical Databases
T1593 - Search Open Websites/Domains
T1566.002 - Spearphishing Link
T1583.006 - Web Services
T1566.001 - Spearphishing Attachment

MITREへのリンク →

APT28

Score: 0.71

Matched TTPs:

T1584.008 - Network Devices
T1203 - Exploitation for Client Execution
T1211 - Exploitation for Defense Evasion
T1598.003 - Spearphishing Link
T1598 - Phishing for Information
T1591 - Gather Victim Org Information
T1589.001 - Credentials
T1586.002 - Email Accounts
T1498 - Network Denial of Service
T1557.004 - Evil Twin
T1596 - Search Open Technical Databases
T1003.003 - NTDS
T1583.006 - Web Services
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Sandworm Team

Score: 0.68

Matched TTPs:

T1491.002 - External Defacement
T1203 - Exploitation for Client Execution
T1587.001 - Malware
T1195 - Supply Chain Compromise
T1586.001 - Social Media Accounts
T1584.005 - Botnet
T1598.003 - Spearphishing Link
T1594 - Search Victim-Owned Websites
T1003.003 - NTDS
T1592.002 - Software
T1593 - Search Open Websites/Domains
T1566.002 - Spearphishing Link
T1591.002 - Business Relationships
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Volt Typhoon

Score: 0.58

Matched TTPs:

T1584.008 - Network Devices
T1584.005 - Botnet
T1596.005 - Scan Databases
T1591.004 - Identify Roles
T1590.006 - Network Security Appliances
T1594 - Search Victim-Owned Websites
T1518 - Software Discovery
T1591 - Gather Victim Org Information
T1593 - Search Open Websites/Domains
T1003.003 - NTDS

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Stealthy Cyberespionage Campaign Attacks With Social Engineering

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ