New activity of the Blue Termite APT
Overview
In October 2014, Kaspersky Lab started to research “Blue Termite”, an Advanced Persistent Threat (APT) targeting Japan. The oldest sample we’ve seen up to now is from November 2013. This is not the first time the country has been a victim of an APT. However, the attack is different in two respects: unlike other APTs, the main focus of Blue Termite is to attack Japanese organizations; and most of their C2s are located in Japan. One of the top targets is the Japan Pension Service, but the list of targeted industries includes government and government agencies, local governments, public interest groups, universities, banks, financial services, energy, communication, heavy industry, chemical, automotive, electrical, news media, information services sector, health care, real estate, food, semiconductor, robotics, construction, insurance, transportation and so on. Unfortunately, the attack is still active and the number of victims has been increasing.
Created: 2026-02-23
Threat actors related to this Pulse (fact-based)
Score: 4.13
Matched TTPs:
- T1564.008 - Email Hiding Rules
Score: 11.56
Matched TTPs:
- T1564.008 - Email Hiding Rules
- T1122 - Component Object Model Hijacking
- T1565 - Data Manipulation
- T1548.006 - TCC Manipulation
Score: 9.08
Matched TTPs:
- T1682 - Query Public AI Services
- T1543.002 - Systemd Service
Score: 7.39
Matched TTPs:
- T1552.003 - Shell History
- T1565 - Data Manipulation
- T1547.008 - LSASS Driver
Score: 13.65
Matched TTPs:
- T1552.003 - Shell History
- T1565 - Data Manipulation
- T1665 - Hide Infrastructure
- T1008 - Fallback Channels
- T1490 - Inhibit System Recovery
Score: 4.86
Matched TTPs:
- T1552.003 - Shell History
- T1548.006 - TCC Manipulation
Score: 7.20
Matched TTPs:
- T1552.003 - Shell History
- T1565 - Data Manipulation
- T1548.006 - TCC Manipulation
Score: 9.95
Matched TTPs:
- T1552.003 - Shell History
- T1565 - Data Manipulation
- T1128 - Netsh Helper DLL
- T1548.006 - TCC Manipulation
Score: 4.86
Matched TTPs:
- T1552.003 - Shell History
- T1565 - Data Manipulation
Score: 5.19
Matched TTPs:
- T1552.003 - Shell History
- T1490 - Inhibit System Recovery
Score: 4.13
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
Score: 6.47
Matched TTPs:
- T1567.001 - Exfiltration to Code Repository
- T1548.006 - TCC Manipulation
Score: 5.09
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1548.006 - TCC Manipulation
Score: 5.09
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1548.006 - TCC Manipulation
Score: 5.49
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1128 - Netsh Helper DLL
Score: 7.94
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1547.008 - LSASS Driver
- T1490 - Inhibit System Recovery
Score: 7.75
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1548.006 - TCC Manipulation
- T1490 - Inhibit System Recovery
Score: 5.09
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1548.006 - TCC Manipulation
Score: 5.41
Matched TTPs:
- T1122 - Component Object Model Hijacking
- T1490 - Inhibit System Recovery
Score: 8.41
Matched TTPs:
- T1212 - Exploitation for Credential Access
- T1578.001 - Create Snapshot
- T1490 - Inhibit System Recovery
Score: 3.15
Matched TTPs:
- T1212 - Exploitation for Credential Access
Score: 5.49
Matched TTPs:
- T1212 - Exploitation for Credential Access
- T1565 - Data Manipulation
Score: 3.15
Matched TTPs:
- T1212 - Exploitation for Credential Access
Score: 10.92
Matched TTPs:
- T1212 - Exploitation for Credential Access
- T1548.006 - TCC Manipulation
- T1665 - Hide Infrastructure
- T1578.001 - Create Snapshot
Score: 10.92
Matched TTPs:
- T1212 - Exploitation for Credential Access
- T1548.006 - TCC Manipulation
- T1665 - Hide Infrastructure
- T1578.001 - Create Snapshot
Score: 11.86
Matched TTPs:
- T1212 - Exploitation for Credential Access
- T1128 - Netsh Helper DLL
- T1055.015 - ListPlanting
- T1547.008 - LSASS Driver
Score: 4.86
Matched TTPs:
- T1565 - Data Manipulation
- T1547.008 - LSASS Driver
Score: 7.46
Matched TTPs:
- T1565 - Data Manipulation
- T1578.001 - Create Snapshot
- T1547.008 - LSASS Driver
Score: 17.86
Matched TTPs:
- T1565 - Data Manipulation
- T1055.005 - Thread Local Storage
- T1055.015 - ListPlanting
- T1665 - Hide Infrastructure
- T1578.001 - Create Snapshot
- T1547.008 - LSASS Driver
Score: 5.01
Matched TTPs:
- T1565 - Data Manipulation
- T1490 - Inhibit System Recovery
Score: 4.68
Matched TTPs:
- T1565 - Data Manipulation
- T1548.006 - TCC Manipulation
Score: 4.86
Matched TTPs:
- T1565 - Data Manipulation
- T1547.008 - LSASS Driver
Score: 4.86
Matched TTPs:
- T1565 - Data Manipulation
- T1547.008 - LSASS Driver
Score: 5.41
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1490 - Inhibit System Recovery
Score: 8.25
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1665 - Hide Infrastructure
- T1490 - Inhibit System Recovery
Score: 7.61
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1548.006 - TCC Manipulation
- T1547.008 - LSASS Driver
Score: 4.13
Matched TTPs:
- T1130 - Install Root Certificate
Score: 4.13
Matched TTPs:
- T1130 - Install Root Certificate
Score: 6.47
Matched TTPs:
- T1055.005 - Thread Local Storage
- T1548.006 - TCC Manipulation
Score: 9.07
Matched TTPs:
- T1548.006 - TCC Manipulation
- T1055.015 - ListPlanting
- T1008 - Fallback Channels
Score: 8.70
Matched TTPs:
- T1055.015 - ListPlanting
- T1578.001 - Create Snapshot
- T1490 - Inhibit System Recovery
Score: 6.03
Matched TTPs:
- T1055.015 - ListPlanting
- T1578.001 - Create Snapshot
Score: 5.43
Matched TTPs:
- T1665 - Hide Infrastructure
- T1578.001 - Create Snapshot
Score: 6.12
Matched TTPs:
- T1665 - Hide Infrastructure
- T1008 - Fallback Channels
Score: 5.36
Matched TTPs:
- T1665 - Hide Infrastructure
- T1547.008 - LSASS Driver
Score: 5.88
Matched TTPs:
- T1578.001 - Create Snapshot
- T1008 - Fallback Channels
Score: 3.29
Matched TTPs:
- T1008 - Fallback Channels
Score: 3.29
Matched TTPs:
- T1008 - Fallback Channels
Threat actors related to this Pulse (inference-based)
Score: 0.82
Matched TTPs:
- T1578.001 - Create Snapshot
- T1565 - Data Manipulation
- T1055.015 - ListPlanting
- T1547.008 - LSASS Driver
- T1055.005 - Thread Local Storage
- T1665 - Hide Infrastructure
Score: 0.66
Matched TTPs:
- T1552.003 - Shell History
- T1008 - Fallback Channels
- T1565 - Data Manipulation
- T1490 - Inhibit System Recovery
- T1665 - Hide Infrastructure
Score: 0.58
Matched TTPs:
- T1128 - Netsh Helper DLL
- T1212 - Exploitation for Credential Access
- T1547.008 - LSASS Driver
- T1055.015 - ListPlanting
Score: 0.56
Matched TTPs:
- T1565 - Data Manipulation
- T1122 - Component Object Model Hijacking
- T1564.008 - Email Hiding Rules
- T1548.006 - TCC Manipulation
Score: 0.55
Matched TTPs:
- T1548.006 - TCC Manipulation
- T1212 - Exploitation for Credential Access
- T1578.001 - Create Snapshot
- T1665 - Hide Infrastructure
Score: 0.55
Matched TTPs:
- T1548.006 - TCC Manipulation
- T1212 - Exploitation for Credential Access
- T1578.001 - Create Snapshot
- T1665 - Hide Infrastructure
Related CVEs
No CVEs were found for this Pulse.