Trusted Design

ntp MON_GETLIST query amplification ddos

Overview

A Network Time Protocol (NTP) Amplification attack is an emerging form of Distributed Denial of Service (DDoS) that relies on the use of publicly accessible NTP servers to overwhelm a victim system with UDP traffic. The NTP service supports a monitoring service that allows administrators to query the server for traffic counts of connected clients. This information is provided via the "monlist" command. The basic attack technique consists of an attacker sending a "get monlist" request to a vulnerable NTP server, with the source address spoofed to be the victim's address. This tool is a proof of concept that demonstrates this attack.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

OilRig

Score: 12.83
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Gamaredon Group

Score: 7.21
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols

APT28

Score: 16.28
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1102.002 - Bidirectional Communication
  • T1498 - Network Denial of Service
  • T1071.001 - Web Protocols
  • T1669 - Wi-Fi Networks

Turla

Score: 15.56
Matched TTPs:
  • T1025 - Data from Removable Media
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1124 - System Time Discovery
  • T1090.001 - Internal Proxy

APT32

Score: 8.07
Matched TTPs:
  • T1552.002 - Credentials in Registry
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

RedCurl

Score: 8.07
Matched TTPs:
  • T1552.002 - Credentials in Registry
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

Higaisa

Score: 14.08
Matched TTPs:
  • T1029 - Scheduled Transfer
  • T1071.001 - Web Protocols
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery
  • T1090.001 - Internal Proxy

Medusa Group

Score: 11.69
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols
  • T1529 - System Shutdown/Reboot

Threat Group-3390

Score: 5.32
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1071.001 - Web Protocols

PROMETHIUM

Score: 4.13
Matched TTPs:
  • T1205.001 - Port Knocking

UNC3886

Score: 6.72
Matched TTPs:
  • T1205.001 - Port Knocking
  • T1124 - System Time Discovery

Kimsuky

Score: 12.63
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1219.002 - Remote Desktop Software
  • T1071.001 - Web Protocols
  • T1680 - Local Storage Discovery
  • T1102.001 - Dead Drop Resolver

APT37

Score: 7.21
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1529 - System Shutdown/Reboot

Lazarus Group

Score: 23.66
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1584.004 - Server
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1529 - System Shutdown/Reboot

APT39

Score: 6.51
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1090.001 - Internal Proxy

Magic Hound

Score: 6.11
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

FIN7

Score: 4.99
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1124 - System Time Discovery

Sandworm Team

Score: 10.96
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1499 - Endpoint Denial of Service
  • T1071.001 - Web Protocols
  • T1584.004 - Server

MuddyWater

Score: 3.59
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1071.001 - Web Protocols

ZIRCONIUM

Score: 4.99
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1124 - System Time Discovery

Velvet Ant

Score: 5.67
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1090.001 - Internal Proxy

Tropic Trooper

Score: 6.77
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols
  • T1680 - Local Storage Discovery

RedEcho

Score: 3.93
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

Cobalt Group

Score: 3.93
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

APT42

Score: 3.93
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols

FIN6

Score: 8.02
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

FIN8

Score: 6.68
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Contagious Interview

Score: 8.20
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Storm-1811

Score: 5.45
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1566.003 - Spearphishing via Service

Mustang Panda

Score: 6.86
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Thrip

Score: 5.67
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

RTM

Score: 6.21
Matched TTPs:
  • T1219.002 - Remote Desktop Software
  • T1102.001 - Dead Drop Resolver

Moonstone Sleet

Score: 3.71
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

Dark Caracal

Score: 3.71
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 4.02
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1584.004 - Server

Chimera

Score: 6.61
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery

APT41

Score: 4.47
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1102.001 - Dead Drop Resolver

APT38

Score: 4.81
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1529 - System Shutdown/Reboot

BRONZE BUTLER

Score: 7.07
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery
  • T1102.001 - Dead Drop Resolver

Sidewinder

Score: 3.78
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery

FIN13

Score: 4.12
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1090.001 - Internal Proxy

Wizard Spider

Score: 3.93
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Confucius

Score: 4.02
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1680 - Local Storage Discovery

Windshift

Score: 3.71
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1566.003 - Spearphishing via Service

APT33

Score: 3.93
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

TeamTNT

Score: 4.02
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1680 - Local Storage Discovery

Rocke

Score: 4.47
Matched TTPs:
  • T1071.001 - Web Protocols
  • T1102.001 - Dead Drop Resolver

Volt Typhoon

Score: 11.19
Matched TTPs:
  • T1584.004 - Server
  • T1680 - Local Storage Discovery
  • T1124 - System Time Discovery
  • T1090.001 - Internal Proxy

Axiom

Score: 4.54
Matched TTPs:
  • T1001.002 - Steganography

Patchwork

Score: 6.12
Matched TTPs:
  • T1680 - Local Storage Discovery
  • T1102.001 - Dead Drop Resolver

ToddyCat

Score: 5.36
Matched TTPs:
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 5.12
Matched TTPs:
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Threat actors related to this Pulse (inference-based)

Lazarus Group

Score: 0.74
Matched TTPs:
  • T1584.004 - Server
  • T1529 - System Shutdown/Reboot
  • T1071.001 - Web Protocols
  • T1124 - System Time Discovery
  • T1102.002 - Bidirectional Communication
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1680 - Local Storage Discovery
  • T1090.001 - Internal Proxy

Related CVEs

No CVEs were found for this Pulse.
