Trusted Design

Inside the spyware campaign against Argentine troublemakers

概要

Alberto Nisman, the Argentine prosecutor known for doggedly investigating a 1994 Buenos Aires bombing, was targeted by invasive spy software downloaded onto his cellular phone shortly before his mysterious death. The software masqueraded as a confidential document and was intended to infect a Windows computer. An investigation by The Intercept indicates that this targeting was likely not an isolated event. The person or persons behind the attempted monitoring appear to have run other surveillance operations involving various locations throughout South America, at least one apparently targeting a rabble-rousing Argentine journalist. In the process, they created at least four distinct spyware bundles, all communicating with the same server set to receive Nisman’s data. They also left traces showing that their operations were active as recently as March, raising the possibility that the online spying continues today.

Created: 2026-02-23

Indicators

類似Pulses

Investigation Into Mexican Mass Disappearance Targeted with NSO Spyware (score: 0.65)
Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware - The Citizen Lab (score: 0.63)
InvisiMole: surprisingly equipped spyware, undercover since 2013 (score: 0.63)
Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware (score: 0.63)
South Korea NIS’s use of Hacking Team’s RCS (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 8.61

Matched TTPs:

T1033 - System Owner/User Discovery
T1027.014 - Polymorphic Code
T1665 - Hide Infrastructure

MITREへのリンク →

Sea Turtle

Score: 4.53

Matched TTPs:

T1033 - System Owner/User Discovery
T1218.010 - Regsvr32

MITREへのリンク →

Ember Bear

Score: 4.53

Matched TTPs:

T1033 - System Owner/User Discovery
T1218.010 - Regsvr32

MITREへのリンク →

Indrik Spider

Score: 6.88

Matched TTPs:

T1033 - System Owner/User Discovery
T1498 - Network Denial of Service

MITREへのリンク →

Agrius

Score: 3.03

Matched TTPs:

T1033 - System Owner/User Discovery

MITREへのリンク →

Contagious Interview

Score: 12.44

Matched TTPs:

T1033 - System Owner/User Discovery
T1021.006 - Windows Remote Management
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Sandworm Team

Score: 10.71

Matched TTPs:

T1033 - System Owner/User Discovery
T1187 - Forced Authentication
T1218.010 - Regsvr32
T1548.006 - TCC Manipulation

MITREへのリンク →

Star Blizzard

Score: 3.03

Matched TTPs:

T1033 - System Owner/User Discovery

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1055.003 - Thread Execution Hijacking

MITREへのリンク →

UNC3886

Score: 5.63

Matched TTPs:

T1021.006 - Windows Remote Management
T1218.010 - Regsvr32

MITREへのリンク →

Volt Typhoon

Score: 13.84

Matched TTPs:

T1164 - Re-opened Applications
T1584.002 - DNS Server
T1548.006 - TCC Manipulation
T1665 - Hide Infrastructure

MITREへのリンク →

APT29

Score: 7.86

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

APT32

Score: 10.83

Matched TTPs:

T1592.004 - Client Configurations
T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1556 - Modify Authentication Process

MITREへのリンク →

BRONZE BUTLER

Score: 5.34

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32

MITREへのリンク →

Darkhotel

Score: 5.63

Matched TTPs:

T1564.002 - Hidden Users
T1218.010 - Regsvr32

MITREへのリンク →

FIN7

Score: 4.13

Matched TTPs:

T1564.002 - Hidden Users

MITREへのリンク →

Gamaredon Group

Score: 7.69

Matched TTPs:

T1061 - Graphical User Interface
T1200 - Hardware Additions

MITREへのリンク →

Cobalt Group

Score: 6.99

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL

MITREへのリンク →

Blue Mockingbird

Score: 7.28

Matched TTPs:

T1027.014 - Polymorphic Code
T1001.001 - Junk Data

MITREへのリンク →

Leviathan

Score: 4.24

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32

MITREへのリンク →

Inception

Score: 7.39

Matched TTPs:

T1027.014 - Polymorphic Code
T1218.010 - Regsvr32
T1200 - Hardware Additions

MITREへのリンク →

Magic Hound

Score: 6.37

Matched TTPs:

T1187 - Forced Authentication
T1547.008 - LSASS Driver

MITREへのリンク →

Andariel

Score: 5.34

Matched TTPs:

T1187 - Forced Authentication
T1218.010 - Regsvr32

MITREへのリンク →

APT28

Score: 11.12

Matched TTPs:

T1218.010 - Regsvr32
T1200 - Hardware Additions
T1548.006 - TCC Manipulation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 6.99

Matched TTPs:

T1218.010 - Regsvr32
T1200 - Hardware Additions
T1548.006 - TCC Manipulation

MITREへのリンク →

EXOTIC LILY

Score: 4.02

Matched TTPs:

T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

Lazarus Group

Score: 13.73

Matched TTPs:

T1218.010 - Regsvr32
T1055.005 - Thread Local Storage
T1665 - Hide Infrastructure
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Confucius

Score: 7.48

Matched TTPs:

T1218.010 - Regsvr32
T1200 - Hardware Additions
T1665 - Hide Infrastructure

MITREへのリンク →

Patchwork

Score: 4.33

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Higaisa

Score: 4.33

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Mustang Panda

Score: 10.71

Matched TTPs:

T1218.010 - Regsvr32
T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation
T1556 - Modify Authentication Process

MITREへのリンク →

Tropic Trooper

Score: 10.22

Matched TTPs:

T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1200 - Hardware Additions
T1665 - Hide Infrastructure

MITREへのリンク →

APT41

Score: 3.83

Matched TTPs:

T1218.010 - Regsvr32
T1548.006 - TCC Manipulation

MITREへのリンク →

OilRig

Score: 14.05

Matched TTPs:

T1218.010 - Regsvr32
T1592.002 - Software
T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

APT33

Score: 4.24

Matched TTPs:

T1218.010 - Regsvr32
T1556 - Modify Authentication Process

MITREへのリンク →

Velvet Ant

Score: 6.88

Matched TTPs:

T1128 - Netsh Helper DLL
T1566.003 - Spearphishing via Service

MITREへのリンク →

Medusa Group

Score: 5.09

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN6

Score: 10.36

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

FIN8

Score: 5.49

Matched TTPs:

T1128 - Netsh Helper DLL
T1556 - Modify Authentication Process

MITREへのリンク →

SideCopy

Score: 4.13

Matched TTPs:

T1584.002 - DNS Server

MITREへのリンク →

DarkHydrus

Score: 3.15

Matched TTPs:

T1200 - Hardware Additions

MITREへのリンク →

Scattered Spider

Score: 10.72

Matched TTPs:

T1498 - Network Denial of Service
T1027.002 - Software Packing
T1548.006 - TCC Manipulation

MITREへのリンク →

Salt Typhoon

Score: 6.59

Matched TTPs:

T1498 - Network Denial of Service
T1556 - Modify Authentication Process

MITREへのリンク →

Chimera

Score: 5.17

Matched TTPs:

T1548.006 - TCC Manipulation
T1665 - Hide Infrastructure

MITREへのリンク →

Wizard Spider

Score: 5.09

Matched TTPs:

T1548.006 - TCC Manipulation
T1556 - Modify Authentication Process

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.83

Matched TTPs:

T1218.010 - Regsvr32
T1547.008 - LSASS Driver
T1055.005 - Thread Local Storage
T1665 - Hide Infrastructure
T1556 - Modify Authentication Process

MITREへのリンク →

Volt Typhoon

Score: 0.81

Matched TTPs:

T1164 - Re-opened Applications
T1665 - Hide Infrastructure
T1584.002 - DNS Server
T1548.006 - TCC Manipulation

MITREへのリンク →

OilRig

Score: 0.78

Matched TTPs:

T1128 - Netsh Helper DLL
T1218.010 - Regsvr32
T1547.008 - LSASS Driver
T1592.002 - Software
T1556 - Modify Authentication Process

MITREへのリンク →

Contagious Interview

Score: 0.73

Matched TTPs:

T1547.008 - LSASS Driver
T1033 - System Owner/User Discovery
T1556 - Modify Authentication Process
T1021.006 - Windows Remote Management

MITREへのリンク →

APT28

Score: 0.68

Matched TTPs:

T1548.006 - TCC Manipulation
T1218.010 - Regsvr32
T1200 - Hardware Additions
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT32

Score: 0.66

Matched TTPs:

T1218.010 - Regsvr32
T1592.004 - Client Configurations
T1027.014 - Polymorphic Code
T1556 - Modify Authentication Process

MITREへのリンク →

Sandworm Team

Score: 0.65

Matched TTPs:

T1548.006 - TCC Manipulation
T1218.010 - Regsvr32
T1033 - System Owner/User Discovery
T1187 - Forced Authentication

MITREへのリンク →

Scattered Spider

Score: 0.65

Matched TTPs:

T1548.006 - TCC Manipulation
T1498 - Network Denial of Service
T1027.002 - Software Packing

MITREへのリンク →

Mustang Panda

Score: 0.64

Matched TTPs:

T1548.006 - TCC Manipulation
T1218.010 - Regsvr32
T1556 - Modify Authentication Process
T1055.005 - Thread Local Storage

MITREへのリンク →

FIN6

Score: 0.62

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation
T1547.008 - LSASS Driver
T1556 - Modify Authentication Process

MITREへのリンク →

Tropic Trooper

Score: 0.60

Matched TTPs:

T1128 - Netsh Helper DLL
T1665 - Hide Infrastructure
T1218.010 - Regsvr32
T1200 - Hardware Additions

MITREへのリンク →

Kimsuky

Score: 0.56

Matched TTPs:

T1665 - Hide Infrastructure
T1027.014 - Polymorphic Code
T1033 - System Owner/User Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る