Trusted Design

The Spy Kittens Are Back: Rocket Kitten 2

概要

Our findings show that Rocket Kitten is still active, retains a growing level of persistence, and acts ever more aggressively in terms of attack method. We also found that recent publications on the group’s activity have done nothing to change their behavior or reduce their activity. They don’t seem to bother to have to “disappear.” With this paper, we feel fairly certain that Rocket Kitten’s prime targets are not companies and political organizations as entire bodies but individuals that operate in strategically interesting fields such as diplomacy, foreign policy research, and defense-related businesses. We believe the espionage factor and political context make their attacks unique and very different from traditional targeted attacks.

Created: 2026-02-23

Indicators

類似Pulses

The Kittens Strike Back (score: 0.76)
Operation Iron Tiger (score: 0.64)
Domestic Kitten: An Iranian Surveillance Operation (score: 0.61)
Domestic Kitten: An Iranian Surveillance Operation (score: 0.61)
Two Years of Pawn Storm (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 4.13

Matched TTPs:

T1564.008 - Email Hiding Rules

MITREへのリンク →

Sandworm Team

Score: 9.22

Matched TTPs:

T1564.008 - Email Hiding Rules
T1122 - Component Object Model Hijacking
T1548.006 - TCC Manipulation

MITREへのリンク →

Higaisa

Score: 7.13

Matched TTPs:

T1569.003 - Systemctl
T1578.001 - Create Snapshot

MITREへのリンク →

UNC3886

Score: 6.72

Matched TTPs:

T1021.006 - Windows Remote Management
T1578.001 - Create Snapshot

MITREへのリンク →

Contagious Interview

Score: 6.66

Matched TTPs:

T1021.006 - Windows Remote Management
T1547.008 - LSASS Driver

MITREへのリンク →

APT33

Score: 4.13

Matched TTPs:

T1567.001 - Exfiltration to Code Repository

MITREへのリンク →

Wizard Spider

Score: 6.47

Matched TTPs:

T1567.001 - Exfiltration to Code Repository
T1548.006 - TCC Manipulation

MITREへのリンク →

APT28

Score: 9.62

Matched TTPs:

T1122 - Component Object Model Hijacking
T1146 - Clear Command History
T1548.006 - TCC Manipulation

MITREへのリンク →

menuPass

Score: 5.09

Matched TTPs:

T1122 - Component Object Model Hijacking
T1548.006 - TCC Manipulation

MITREへのリンク →

RedCurl

Score: 5.49

Matched TTPs:

T1122 - Component Object Model Hijacking
T1128 - Netsh Helper DLL

MITREへのリンク →

APT29

Score: 5.27

Matched TTPs:

T1122 - Component Object Model Hijacking
T1547.008 - LSASS Driver

MITREへのリンク →

HAFNIUM

Score: 5.09

Matched TTPs:

T1122 - Component Object Model Hijacking
T1548.006 - TCC Manipulation

MITREへのリンク →

LAPSUS$

Score: 5.09

Matched TTPs:

T1122 - Component Object Model Hijacking
T1548.006 - TCC Manipulation

MITREへのリンク →

Gamaredon Group

Score: 4.54

Matched TTPs:

T1061 - Graphical User Interface

MITREへのリンク →

OilRig

Score: 9.11

Matched TTPs:

T1055.012 - Process Hollowing
T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver

MITREへのリンク →

Chimera

Score: 8.78

Matched TTPs:

T1055.012 - Process Hollowing
T1548.006 - TCC Manipulation
T1578.001 - Create Snapshot

MITREへのリンク →

Turla

Score: 6.44

Matched TTPs:

T1055.012 - Process Hollowing
T1578.001 - Create Snapshot

MITREへのリンク →

Cobalt Group

Score: 5.49

Matched TTPs:

T1027.014 - Polymorphic Code
T1128 - Netsh Helper DLL

MITREへのリンク →

Medusa Group

Score: 5.09

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN6

Score: 7.61

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1543.002 - Systemd Service

MITREへのリンク →

Mustang Panda

Score: 6.47

Matched TTPs:

T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation

MITREへのリンク →

Lazarus Group

Score: 9.25

Matched TTPs:

T1055.005 - Thread Local Storage
T1578.001 - Create Snapshot
T1547.008 - LSASS Driver

MITREへのリンク →

Volt Typhoon

Score: 4.93

Matched TTPs:

T1548.006 - TCC Manipulation
T1578.001 - Create Snapshot

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1578.001 - Create Snapshot
T1547.008 - LSASS Driver

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.83

Matched TTPs:

T1122 - Component Object Model Hijacking
T1146 - Clear Command History
T1548.006 - TCC Manipulation

MITREへのリンク →

Sandworm Team

Score: 0.80

Matched TTPs:

T1564.008 - Email Hiding Rules
T1122 - Component Object Model Hijacking
T1548.006 - TCC Manipulation

MITREへのリンク →

OilRig

Score: 0.80

Matched TTPs:

T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver
T1055.012 - Process Hollowing

MITREへのリンク →

Lazarus Group

Score: 0.77

Matched TTPs:

T1578.001 - Create Snapshot
T1547.008 - LSASS Driver
T1055.005 - Thread Local Storage

MITREへのリンク →

Chimera

Score: 0.74

Matched TTPs:

T1578.001 - Create Snapshot
T1548.006 - TCC Manipulation
T1055.012 - Process Hollowing

MITREへのリンク →

FIN6

Score: 0.64

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

Higaisa

Score: 0.64

Matched TTPs:

T1578.001 - Create Snapshot
T1569.003 - Systemctl

MITREへのリンク →

Mustang Panda

Score: 0.62

Matched TTPs:

T1548.006 - TCC Manipulation
T1055.005 - Thread Local Storage

MITREへのリンク →

Turla

Score: 0.59

Matched TTPs:

T1578.001 - Create Snapshot
T1055.012 - Process Hollowing

MITREへのリンク →

UNC3886

Score: 0.58

Matched TTPs:

T1021.006 - Windows Remote Management
T1578.001 - Create Snapshot

MITREへのリンク →

Contagious Interview

Score: 0.57

Matched TTPs:

T1021.006 - Windows Remote Management
T1547.008 - LSASS Driver

MITREへのリンク →

Wizard Spider

Score: 0.55

Matched TTPs:

T1548.006 - TCC Manipulation
T1567.001 - Exfiltration to Code Repository

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る