Trusted Design

Compromised TV and Government-Related Sites Lead to PoisonIvy

概要

A recent campaign compromised Taiwan and Hong Kong sites to deliver Flash exploits related to Hacking Team and eventually download PoisonIvy and other payloads in user systems. This campaign started on July 9, a few days after the Hacking Team announced it was hacked. The actors compromised the sites of a local television network, educational organizations, a religious institute, and a known political party in Taiwan; and a popular news site in Hong Kong. Note that the affected sites have consistent followers given the nature of their content. The affected educational organizations, for instance, are used to deliver employment exams for government employees. The Taiwanese television network involved has been producing and importing TV shows and movies for a decade.

Created: 2026-02-23

Indicators

• FileHash-SHA1 - d4966a9e46f9c1e14422015b7e89d53a462fbd65 -
• CVE - CVE-2015-5119 -
• hostname - win7.myz.info -
• FileHash-SHA1 - 2dc1deb5b52133d0a33c9d18144ba8759fe43b66 -
• CVE - CVE-2015-5122 -
• hostname - wut.mophecfbr.com -
• FileHash-SHA1 - 9209fee58a2149c706f71fb3c88fef14b585c717 -
• FileHash-SHA1 - fdcdf30a90fa22ae8a095e99d80143df1cc71194 -

類似Pulses

• A VAST Malvertising Attack (score: 0.63)
• Large malvertising campaign hits popular Dutch websites (score: 0.62)
• Chinese Actors attacks on US Government and EU Media (score: 0.61)
• Taiwan targeted with new cyberespionage backdoor Trojan (score: 0.61)
• FBI Flash #68 (PlugX) (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る