Multiple Chinese APT Groups Quickly Use Flash Zero-Day
Summary
The FireEye as a Service team detected independent phishing campaigns conducted by two Chinese advanced persistent threat (APT) groups that we track, APT3 and APT18. Each threat group quickly took advantage of a zero-day vulnerability (CVE-2015-5119), which was leaked in the disclosure of Hacking Team’s internal data. Adobe released a patch for the vulnerability on July 8, 2015. Before that patch was released, the groups launched phishing campaigns against multiple companies in the aerospace and defense, construction and engineering, education, energy, health and biotechnology, high tech, non-profit, telecommunications, and transportation industries.
Created: 2026-02-23
Indicators
Similar Pulses
Threat actors related to this Pulse (fact-based)
Score: 8.26
Matched TTPs:
- T1491.002 - External Defacement
- T1588.005 - Exploits
Score: 16.38
Matched TTPs:
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1588.006 - Vulnerabilities
- T1598.003 - Spearphishing Link
- T1591.002 - Business Relationships
Score: 20.71
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
Score: 5.02
Matched TTPs:
- T1587.001 - Malware
- T1090.001 - Internal Proxy
Score: 11.28
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
Score: 16.51
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1008 - Fallback Channels
- T1090.001 - Internal Proxy
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 14.83
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1593.003 - Code Repositories
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 14.58
Matched TTPs:
- T1587.001 - Malware
- T1069.001 - Local Groups
- T1027.005 - Indicator Removal from Tools
- T1008 - Fallback Channels
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 12.82
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1027.005 - Indicator Removal from Tools
- T1008 - Fallback Channels
Score: 4.84
Matched TTPs:
- T1587.001 - Malware
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.11
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
Score: 13.34
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1069.001 - Local Groups
- T1027.005 - Indicator Removal from Tools
- T1090.001 - Internal Proxy
Score: 9.31
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 14.96
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1497.002 - User Activity Based Checks
- T1591 - Gather Victim Org Information
- T1008 - Fallback Channels
Score: 13.21
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1591 - Gather Victim Org Information
- T1069.001 - Local Groups
- T1090.001 - Internal Proxy
Score: 3.84
Matched TTPs:
- T1588.006 - Vulnerabilities
Score: 10.44
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1598 - Phishing for Information
- T1538 - Cloud Service Dashboard
Score: 7.91
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1598 - Phishing for Information
Score: 7.22
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.47
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
Score: 15.33
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
- T1211 - Exploitation for Defense Evasion
Score: 6.30
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1591.002 - Business Relationships
Score: 8.90
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1027.005 - Indicator Removal from Tools
- T1102.001 - Dead Drop Resolver
Score: 7.69
Matched TTPs:
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
Score: 5.86
Matched TTPs:
- T1593.003 - Code Repositories
- T1583.006 - Web Services
Score: 6.88
Matched TTPs:
- T1552.006 - Group Policy Preferences
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 6.88
Matched TTPs:
- T1552.006 - Group Policy Preferences
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.13
Matched TTPs:
- T1497.002 - User Activity Based Checks
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 6.72
Matched TTPs:
- T1008 - Fallback Channels
- T1102.001 - Dead Drop Resolver
Score: 7.06
Matched TTPs:
- T1090.001 - Internal Proxy
- T1211 - Exploitation for Defense Evasion
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.81
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1591 - Gather Victim Org Information
- T1583.006 - Web Services
- T1102.001 - Dead Drop Resolver
- T1598 - Phishing for Information
- T1587.001 - Malware
- T1588.005 - Exploits
Score: 0.71
Matched TTPs:
- T1591 - Gather Victim Org Information
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1587.001 - Malware
- T1090.001 - Internal Proxy
- T1008 - Fallback Channels
Score: 0.68
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1588.006 - Vulnerabilities
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1591.002 - Business Relationships
Score: 0.67
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1591 - Gather Victim Org Information
- T1583.006 - Web Services
- T1598 - Phishing for Information
- T1211 - Exploitation for Defense Evasion
Score: 0.66
Matched TTPs:
- T1591 - Gather Victim Org Information
- T1497.002 - User Activity Based Checks
- T1583.006 - Web Services
- T1587.001 - Malware
- T1008 - Fallback Channels
Score: 0.63
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1069.001 - Local Groups
- T1587.001 - Malware
- T1008 - Fallback Channels
Score: 0.62
Matched TTPs:
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1593.003 - Code Repositories
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
Score: 0.60
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
- T1583.006 - Web Services
- T1069.001 - Local Groups
- T1587.001 - Malware
- T1090.001 - Internal Proxy
Score: 0.59
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
- T1587.001 - Malware
- T1008 - Fallback Channels
- T1681 - Search Threat Vendor Data
Score: 0.59
Matched TTPs:
- T1591 - Gather Victim Org Information
- T1090.001 - Internal Proxy
- T1588.006 - Vulnerabilities
- T1069.001 - Local Groups
Related CVEs
Pulse – Threat Actor Graph