Trusted Design

Pawn Storm’s using Java Zero-Day

概要

Operation Pawn Storm is a campaign known to target military, embassy, and defense contractor personnel from the United States and its allies. The attackers behind Operation Pawn Storm have been active since at least 2007 and they continue to launch new campaigns. Over the past year or so, we have seen numerous techniques and tactics employed by this campaign, such as the use of an iOS espionage app, and the inclusion of new targets like the White House. Through our on-going investigation and monitoring of this targeted attack campaign, we found suspicious URLs that hosted a newly discovered zero-day exploit in Java now identified by Oracle as CVE-2015-2590. This is the first time in nearly two years that a new Java zero-day vulnerability was reported.

Created: 2026-02-23

Indicators

類似Pulses

Latest Flash Exploit Used in Pawn Storm (score: 0.65)
CVE-2015-5122 Exploited in Strategic Web Compromise (score: 0.64)
Blackhole Exploit Kit Resurfaces in Live Attacks (score: 0.64)
Operation Clandestine Wolf – Adobe Flash Zero-Day APT3 Phishing (score: 0.63)
Angler, Nuclear Exploit Kits Integrate Pawn Storm Flash Exploit (score: 0.63)

このPulseに関連する脅威アクター (事実ベース)

APT41

Score: 11.18

Matched TTPs:

T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Scattered Spider

Score: 5.63

Matched TTPs:

T1069 - Permission Groups Discovery
T1003.003 - NTDS

MITREへのリンク →

TA505

Score: 3.29

Matched TTPs:

T1069 - Permission Groups Discovery

MITREへのリンク →

Volt Typhoon

Score: 17.15

Matched TTPs:

T1069 - Permission Groups Discovery
T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1003.003 - NTDS
T1124 - System Time Discovery

MITREへのリンク →

APT3

Score: 4.78

Matched TTPs:

T1069 - Permission Groups Discovery
T1203 - Exploitation for Client Execution

MITREへのリンク →

FIN13

Score: 7.10

Matched TTPs:

T1069 - Permission Groups Discovery
T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

Sandworm Team

Score: 15.36

Matched TTPs:

T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1584.005 - Botnet
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Storm-0501

Score: 5.31

Matched TTPs:

T1588.006 - Vulnerabilities
T1190 - Exploit Public-Facing Application

MITREへのリンク →

FIN7

Score: 4.06

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1124 - System Time Discovery

MITREへのリンク →

APT28

Score: 7.90

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Kimsuky

Score: 5.60

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.005 - Exploits

MITREへのリンク →

Ember Bear

Score: 9.69

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Magic Hound

Score: 10.21

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1573 - Encrypted Channel
T1566.003 - Spearphishing via Service

MITREへのリンク →

Medusa Group

Score: 6.56

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1573.002 - Asymmetric Cryptography
T1003.003 - NTDS

MITREへのリンク →

Fox Kitten

Score: 3.81

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

Ke3chang

Score: 3.81

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

menuPass

Score: 3.81

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

ToddyCat

Score: 3.99

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566.003 - Spearphishing via Service

MITREへのリンク →

Winter Vivern

Score: 4.06

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning

MITREへのリンク →

Earth Lusca

Score: 4.06

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning

MITREへのリンク →

APT29

Score: 20.08

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1550.003 - Pass the Ticket
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1090.004 - Domain Fronting
T1566.003 - Spearphishing via Service

MITREへのリンク →

Leviathan

Score: 5.56

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution

MITREへのリンク →

Volatile Cedar

Score: 4.06

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning

MITREへのリンク →

UNC3886

Score: 9.69

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1681 - Search Threat Vendor Data
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Dragonfly

Score: 7.90

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Axiom

Score: 6.59

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1203 - Exploitation for Client Execution

MITREへのリンク →

HAFNIUM

Score: 7.43

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1003.003 - NTDS

MITREへのリンク →

Contagious Interview

Score: 6.66

Matched TTPs:

T1681 - Search Threat Vendor Data
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT32

Score: 5.34

Matched TTPs:

T1550.003 - Pass the Ticket
T1203 - Exploitation for Client Execution

MITREへのリンク →

BRONZE BUTLER

Score: 7.93

Matched TTPs:

T1550.003 - Pass the Ticket
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Tropic Trooper

Score: 7.86

Matched TTPs:

T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

BITTER

Score: 5.12

Matched TTPs:

T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

EXOTIC LILY

Score: 4.02

Matched TTPs:

T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 6.61

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Higaisa

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Cobalt Group

Score: 4.24

Matched TTPs:

T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Mustang Panda

Score: 3.83

Matched TTPs:

T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Darkhotel

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

OilRig

Score: 6.76

Matched TTPs:

T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN6

Score: 7.61

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1003.003 - NTDS
T1566.003 - Spearphishing via Service

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Chimera

Score: 4.93

Matched TTPs:

T1003.003 - NTDS
T1124 - System Time Discovery

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT29

Score: 0.84

Matched TTPs:

T1550.003 - Pass the Ticket
T1190 - Exploit Public-Facing Application
T1573 - Encrypted Channel
T1090.004 - Domain Fronting
T1566.003 - Spearphishing via Service
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution

MITREへのリンク →

Volt Typhoon

Score: 0.74

Matched TTPs:

T1003.003 - NTDS
T1190 - Exploit Public-Facing Application
T1588.006 - Vulnerabilities
T1069 - Permission Groups Discovery
T1124 - System Time Discovery
T1584.005 - Botnet

MITREへのリンク →

Sandworm Team

Score: 0.67

Matched TTPs:

T1003.003 - NTDS
T1190 - Exploit Public-Facing Application
T1588.006 - Vulnerabilities
T1584.005 - Botnet
T1595.002 - Vulnerability Scanning
T1203 - Exploitation for Client Execution

MITREへのリンク →

Related CVEs

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る