Trusted Design

Large Malvertising Campaign Leads to Angler EK & Bunitu Malware

概要

Websense® Security Labs™ researchers have been monitoring a mass scale malvertising campaign that leads to Angler Exploit Kit. The attack has affected users browsing to many popular sites, including CNN Indonesia, the official website of Prague Airport, Detik, AASTOCKS, RTL Television Croatia, and the Bejewled Blitz game on Facebook. According to SimilarWeb, these sites have a combined total of at least 50 million visitors per month.

Created: 2026-02-23

Indicators

類似Pulses

Alienvault Labs: Malvertising leading to the Angler Exploit Kit (score: 0.76)
Angler EK: More Obfuscation, Fake Extensions, and Other Nonsense (score: 0.72)
Chinese Government Website Compromised, Leads to Angler (score: 0.71)
Large Malvertising Campaign Goes (Almost) Undetected (score: 0.71)
The Casino Malvertising Campaign (score: 0.70)

このPulseに関連する脅威アクター (事実ベース)

Volt Typhoon

Score: 11.96

Matched TTPs:

T1592 - Gather Victim Host Information
T1593 - Search Open Websites/Domains
T1596.005 - Scan Databases

MITREへのリンク →

Ember Bear

Score: 12.40

Matched TTPs:

T1491.002 - External Defacement
T1595.001 - Scanning IP Blocks
T1588.005 - Exploits

MITREへのリンク →

Sandworm Team

Score: 15.02

Matched TTPs:

T1491.002 - External Defacement
T1593 - Search Open Websites/Domains
T1592.002 - Software
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link

MITREへのリンク →

Transparent Tribe

Score: 8.83

Matched TTPs:

T1608.004 - Drive-by Target
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

LuminousMoth

Score: 7.06

Matched TTPs:

T1608.004 - Drive-by Target
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

Dragonfly

Score: 4.80

Matched TTPs:

T1608.004 - Drive-by Target
T1189 - Drive-by Compromise

MITREへのリンク →

CURIUM

Score: 8.42

Matched TTPs:

T1608.004 - Drive-by Target
T1584.006 - Web Services
T1189 - Drive-by Compromise

MITREへのリンク →

APT32

Score: 10.84

Matched TTPs:

T1608.004 - Drive-by Target
T1583.006 - Web Services
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

FIN7

Score: 11.47

Matched TTPs:

T1608.004 - Drive-by Target
T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

Threat Group-3390

Score: 4.80

Matched TTPs:

T1608.004 - Drive-by Target
T1189 - Drive-by Compromise

MITREへのリンク →

Mustard Tempest

Score: 10.70

Matched TTPs:

T1608.004 - Drive-by Target
T1189 - Drive-by Compromise
T1608.006 - SEO Poisoning
T1204.001 - Malicious Link

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1681 - Search Threat Vendor Data

MITREへのリンク →

Contagious Interview

Score: 14.63

Matched TTPs:

T1681 - Search Threat Vendor Data
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1593.001 - Social Media
T1204.001 - Malicious Link

MITREへのリンク →

HAFNIUM

Score: 13.35

Matched TTPs:

T1592.004 - Client Configurations
T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token

MITREへのリンク →

Earth Lusca

Score: 8.76

Matched TTPs:

T1583.006 - Web Services
T1584.006 - Web Services
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Mustang Panda

Score: 13.46

Matched TTPs:

T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1027.007 - Dynamic API Resolution
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

Turla

Score: 11.16

Matched TTPs:

T1583.006 - Web Services
T1584.006 - Web Services
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

ZIRCONIUM

Score: 5.77

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link

MITREへのリンク →

MuddyWater

Score: 5.77

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link

MITREへのリンク →

APT28

Score: 18.47

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link
T1550.001 - Application Access Token
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

APT29

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Lazarus Group

Score: 12.97

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1027.007 - Dynamic API Resolution
T1564.001 - Hidden Files and Directories

MITREへのリンク →

Confucius

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Gamaredon Group

Score: 9.90

Matched TTPs:

T1583.006 - Web Services
T1102.003 - One-Way Communication
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link

MITREへのリンク →

Saint Bear

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

POLONIUM

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

Kimsuky

Score: 17.03

Matched TTPs:

T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1593.001 - Social Media
T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link
T1588.005 - Exploits

MITREへのリンク →

TA578

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

TA2541

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Magic Hound

Score: 11.38

Matched TTPs:

T1583.006 - Web Services
T1592.002 - Software
T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

LazyScripter

Score: 3.37

Matched TTPs:

T1583.006 - Web Services
T1204.001 - Malicious Link

MITREへのリンク →

Leviathan

Score: 7.26

Matched TTPs:

T1102.003 - One-Way Communication
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Star Blizzard

Score: 3.29

Matched TTPs:

T1593 - Search Open Websites/Domains

MITREへのリンク →

Winter Vivern

Score: 6.75

Matched TTPs:

T1584.006 - Web Services
T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Andariel

Score: 5.61

Matched TTPs:

T1592.002 - Software
T1189 - Drive-by Compromise

MITREへのリンク →

EXOTIC LILY

Score: 5.20

Matched TTPs:

T1593.001 - Social Media
T1204.001 - Malicious Link

MITREへのリンク →

APT37

Score: 4.16

Matched TTPs:

T1102.002 - Bidirectional Communication
T1189 - Drive-by Compromise

MITREへのリンク →

APT39

Score: 3.76

Matched TTPs:

T1102.002 - Bidirectional Communication
T1204.001 - Malicious Link

MITREへのリンク →

Windshift

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

APT38

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Patchwork

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Elderwood

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Machete

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

Daggerfly

Score: 3.13

Matched TTPs:

T1189 - Drive-by Compromise
T1204.001 - Malicious Link

MITREへのリンク →

TeamTNT

Score: 4.13

Matched TTPs:

T1595.001 - Scanning IP Blocks

MITREへのリンク →

APT41

Score: 4.13

Matched TTPs:

T1596.005 - Scan Databases

MITREへのリンク →

RedCurl

Score: 4.03

Matched TTPs:

T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1211 - Exploitation for Defense Evasion

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.82

Matched TTPs:

T1102.002 - Bidirectional Communication
T1550.001 - Application Access Token
T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1211 - Exploitation for Defense Evasion
T1204.001 - Malicious Link
T1189 - Drive-by Compromise

MITREへのリンク →

Kimsuky

Score: 0.75

Matched TTPs:

T1593 - Search Open Websites/Domains
T1102.002 - Bidirectional Communication
T1588.005 - Exploits
T1583.006 - Web Services
T1204.001 - Malicious Link
T1593.001 - Social Media

MITREへのリンク →

Sandworm Team

Score: 0.69

Matched TTPs:

T1593 - Search Open Websites/Domains
T1102.002 - Bidirectional Communication
T1592.002 - Software
T1491.002 - External Defacement
T1204.001 - Malicious Link

MITREへのリンク →

HAFNIUM

Score: 0.63

Matched TTPs:

T1592.004 - Client Configurations
T1564.001 - Hidden Files and Directories
T1550.001 - Application Access Token
T1583.006 - Web Services

MITREへのリンク →

Contagious Interview

Score: 0.63

Matched TTPs:

T1593 - Search Open Websites/Domains
T1681 - Search Threat Vendor Data
T1583.006 - Web Services
T1204.001 - Malicious Link
T1593.001 - Social Media

MITREへのリンク →

Mustang Panda

Score: 0.62

Matched TTPs:

T1593 - Search Open Websites/Domains
T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Lazarus Group

Score: 0.61

Matched TTPs:

T1102.002 - Bidirectional Communication
T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1189 - Drive-by Compromise
T1027.007 - Dynamic API Resolution

MITREへのリンク →

FIN7

Score: 0.58

Matched TTPs:

T1102.002 - Bidirectional Communication
T1583.006 - Web Services
T1564.001 - Hidden Files and Directories
T1204.001 - Malicious Link
T1608.004 - Drive-by Target

MITREへのリンク →

Turla

Score: 0.57

Matched TTPs:

T1102.002 - Bidirectional Communication
T1583.006 - Web Services
T1584.006 - Web Services
T1204.001 - Malicious Link
T1189 - Drive-by Compromise

MITREへのリンク →

Ember Bear

Score: 0.56

Matched TTPs:

T1595.001 - Scanning IP Blocks
T1588.005 - Exploits
T1491.002 - External Defacement

MITREへのリンク →

Volt Typhoon

Score: 0.56

Matched TTPs:

T1593 - Search Open Websites/Domains
T1592 - Gather Victim Host Information
T1596.005 - Scan Databases

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る