Trusted Design

Large Malvertising Campaign Goes (Almost) Undetected

Summary

The malvertising campaign we are exposing leveraged several top ad networks, as well as many more smaller ones. Despite its large scope and impact, it ran mostly uninterrupted for almost three weeks, according to telemetry data we were able to mine once we uncovered the scheme. The threat actors responsible for this attack devised a cunning plan to pose as legitimate advertisers and employed stealthy and advanced techniques to hide malicious traffic redirections so well that they evaded most detection systems. The ultimate goal of this plan was to compromise the computers of millions of users browsing popular websites by covertly redirecting their browsers to the Angler Exploit Kit, the most advanced tool used in drive-by download attacks.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Mustang Panda

Score: 42.77
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1588.003 - Code Signing Certificates
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Kimsuky

Score: 86.01
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1583 - Acquire Infrastructure
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1176.001 - Browser Extensions
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1185 - Browser Session Hijacking
  • T1596 - Search Open Technical Databases
  • T1593.002 - Search Engines
  • T1657 - Financial Theft
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1564.002 - Hidden Users
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1588.003 - Code Signing Certificates
  • T1588.005 - Exploits
  • T1102.001 - Dead Drop Resolver

Sea Turtle

Score: 20.77
Matched TTPs:
  • T1557 - Adversary-in-the-Middle
  • T1583 - Acquire Infrastructure
  • T1564.011 - Ignore Process Interrupts
  • T1588.002 - Tool
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1584.002 - DNS Server

Ember Bear

Score: 25.82
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1203 - Exploitation for Client Execution
  • T1595.001 - Scanning IP Blocks
  • T1588.005 - Exploits

Indrik Spider

Score: 11.81
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1590 - Gather Victim Network Information
  • T1584.004 - Server

Agrius

Score: 3.03
Matched TTPs:
  • T1583 - Acquire Infrastructure

Contagious Interview

Score: 35.90
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1681 - Search Threat Vendor Data
  • T1090 - Proxy
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1593.001 - Social Media
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Sandworm Team

Score: 61.08
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1499 - Endpoint Denial of Service
  • T1584.004 - Server

Star Blizzard

Score: 15.22
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool

Volt Typhoon

Score: 52.06
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1016.001 - Internet Connection Discovery
  • T1584.008 - Network Devices
  • T1594 - Search Victim-Owned Websites
  • T1590.004 - Network Topology
  • T1217 - Browser Information Discovery
  • T1090 - Proxy
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1593 - Search Open Websites/Domains
  • T1588.002 - Tool
  • T1591.004 - Identify Roles
  • T1584.004 - Server
  • T1596.005 - Scan Databases
  • T1090.001 - Internal Proxy

LAPSUS$

Score: 33.49
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1584.002 - DNS Server
  • T1591.004 - Identify Roles

Andariel

Score: 13.41
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1588.001 - Malware
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Magic Hound

Score: 40.42
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1595.002 - Vulnerability Scanning
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 31.25
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1016.001 - Internet Connection Discovery
  • T1583.005 - Botnet
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token

HEXANE

Score: 15.21
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles

APT29

Score: 23.51
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1595.002 - Vulnerability Scanning
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 34.82
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1102 - Web Service
  • T1027.012 - LNK Icon Smuggling
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1588.002 - Tool
  • T1001 - Data Obfuscation
  • T1102.002 - Bidirectional Communication

TA2541

Score: 11.49
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool

Lotus Blossom

Score: 6.52
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy

FIN13

Score: 22.19
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1565 - Data Manipulation
  • T1564.001 - Hidden Files and Directories
  • T1090.001 - Internal Proxy

Turla

Score: 33.17
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1027.005 - Indicator Removal from Tools
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1090.001 - Internal Proxy

FIN8

Score: 13.46
Matched TTPs:
  • T1016.001 - Internet Connection Discovery
  • T1566.002 - Spearphishing Link
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1588.003 - Code Signing Certificates
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

APT28

Score: 50.40
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1595.002 - Vulnerability Scanning
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
  • T1669 - Wi-Fi Networks

ZIRCONIUM

Score: 19.51
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1665 - Hide Infrastructure

Leviathan

Score: 29.08
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1595.002 - Vulnerability Scanning
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

Mustard Tempest

Score: 17.30
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning

Silent Librarian

Score: 6.59
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1588.002 - Tool

EXOTIC LILY

Score: 21.63
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1597 - Search Closed Sources
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

TA578

Score: 5.30
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services

Moonstone Sleet

Score: 19.06
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1217 - Browser Information Discovery
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

Lazarus Group

Score: 40.35
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
  • T1529 - System Shutdown/Reboot

OilRig

Score: 23.28
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

UNC3886

Score: 20.50
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1564.011 - Ignore Process Interrupts
  • T1681 - Search Threat Vendor Data
  • T1588.001 - Malware
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution

LuminousMoth

Score: 14.52
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool
  • T1564.001 - Hidden Files and Directories

Salt Typhoon

Score: 12.57
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1590.004 - Network Topology
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Play

Score: 5.47
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft
  • T1588.002 - Tool

Aoqin Dragon

Score: 4.44
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

RedCurl

Score: 8.73
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1102 - Web Service
  • T1564.001 - Hidden Files and Directories

Ke3chang

Score: 6.79
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1588.002 - Tool

TeamTNT

Score: 13.32
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1595.002 - Vulnerability Scanning
  • T1102 - Web Service
  • T1595.001 - Scanning IP Blocks

FIN7

Score: 32.05
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1674 - Input Injection
  • T1583.006 - Web Services
  • T1497.002 - User Activity Based Checks
  • T1591 - Gather Victim Org Information
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1564.001 - Hidden Files and Directories

BlackTech

Score: 6.94
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1588.003 - Code Signing Certificates

MuddyWater

Score: 8.20
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Confucius

Score: 4.95
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

Sidewinder

Score: 9.02
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

Elderwood

Score: 4.71
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Machete

Score: 3.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise

Transparent Tribe

Score: 10.41
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories

APT32

Score: 22.97
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

APT3

Score: 6.09
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution

APT1

Score: 4.75
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.001 - Malware
  • T1588.002 - Tool

APT33

Score: 9.57
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Windshift

Score: 5.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 3.79
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

Earth Lusca

Score: 21.89
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1595.002 - Vulnerability Scanning
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

Storm-1811

Score: 9.36
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1566.004 - Spearphishing Voice
  • T1566.003 - Spearphishing via Service

Wizard Spider

Score: 8.19
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1588.003 - Code Signing Certificates
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Patchwork

Score: 14.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

TA505

Score: 6.73
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1588.002 - Tool

LazyScripter

Score: 10.41
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1588.001 - Malware
  • T1102 - Web Service
  • T1583.006 - Web Services

APT42

Score: 6.79
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1102 - Web Service
  • T1588.002 - Tool

APT39

Score: 7.62
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy

Scattered Spider

Score: 25.62
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1217 - Browser Information Discovery
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1588.001 - Malware
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1588.002 - Tool
  • T1598 - Phishing for Information

CURIUM

Score: 13.40
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 26.62
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1595.002 - Vulnerability Scanning
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1564.002 - Hidden Users
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

APT5

Score: 3.84
Matched TTPs:
  • T1583.005 - Botnet

Threat Group-3390

Score: 16.40
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1588.003 - Code Signing Certificates

Velvet Ant

Score: 5.96
Matched TTPs:
  • T1040 - Network Sniffing
  • T1090.001 - Internal Proxy

DarkVishnya

Score: 3.88
Matched TTPs:
  • T1040 - Network Sniffing
  • T1588.002 - Tool

SideCopy

Score: 5.59
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment

BlackByte

Score: 5.82
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1491.001 - Internal Defacement

BITTER

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution

Saint Bear

Score: 5.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

MoustachedBouncer

Score: 6.88
Matched TTPs:
  • T1659 - Content Injection
  • T1090 - Proxy

Medusa Group

Score: 22.21
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1650 - Acquire Access
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC

Volatile Cedar

Score: 6.72
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning

APT41

Score: 18.83
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1596.005 - Scan Databases
  • T1102.001 - Dead Drop Resolver

Winter Vivern

Score: 12.52
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

Aquatic Panda

Score: 5.90
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1588.001 - Malware
  • T1588.002 - Tool

Fox Kitten

Score: 8.15
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1090 - Proxy
  • T1102 - Web Service

APT38

Score: 9.52
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1189 - Drive-by Compromise
  • T1529 - System Shutdown/Reboot

Chimera

Score: 7.57
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1588.002 - Tool
  • T1589.001 - Credentials

CopyKittens

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool

Blue Mockingbird

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool

Cinnamon Tempest

Score: 5.71
Matched TTPs:
  • T1090 - Proxy
  • T1657 - Financial Theft
  • T1588.002 - Tool

Windigo

Score: 4.11
Matched TTPs:
  • T1090 - Proxy
  • T1189 - Drive-by Compromise

POLONIUM

Score: 7.60
Matched TTPs:
  • T1090 - Proxy
  • T1583.006 - Web Services
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication

Metador

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

BackdoorDiplomacy

Score: 3.31
Matched TTPs:
  • T1588.001 - Malware
  • T1588.002 - Tool

Rocke

Score: 12.61
Matched TTPs:
  • T1055.002 - Portable Executable Injection
  • T1102 - Web Service
  • T1564.001 - Hidden Files and Directories
  • T1102.001 - Dead Drop Resolver

Gorgon Group

Score: 4.98
Matched TTPs:
  • T1055.002 - Portable Executable Injection
  • T1588.002 - Tool

Axiom

Score: 14.70
Matched TTPs:
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography

Inception

Score: 4.87
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution

FIN6

Score: 8.64
Matched TTPs:
  • T1102 - Web Service
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

INC Ransom

Score: 6.66
Matched TTPs:
  • T1657 - Financial Theft
  • T1588.002 - Tool
  • T1566 - Phishing

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Darkhotel

Score: 7.39
Matched TTPs:
  • T1497.002 - User Activity Based Checks
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

BRONZE BUTLER

Score: 7.39
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

GALLIUM

Score: 4.00
Matched TTPs:
  • T1588.002 - Tool
  • T1027.005 - Indicator Removal from Tools

Thrip

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol

Carbanak

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1102.002 - Bidirectional Communication

GOLD SOUTHFIELD

Score: 3.29
Matched TTPs:
  • T1566 - Phishing

Deep Panda

Score: 3.15
Matched TTPs:
  • T1027.005 - Indicator Removal from Tools

Tropic Trooper

Score: 7.78
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1564.001 - Hidden Files and Directories

APT37

Score: 9.28
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1529 - System Shutdown/Reboot

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Higaisa

Score: 8.27
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1090.001 - Internal Proxy

RTM

Score: 5.05
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Daggerfly

Score: 4.60
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.78
Matched TTPs:
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1608.001 - Upload Malware
  • T1566.002 - Spearphishing Link
  • T1593.002 - Search Engines
  • T1102.002 - Bidirectional Communication
  • T1583 - Acquire Infrastructure
  • T1566 - Phishing
  • T1588.003 - Code Signing Certificates
  • T1534 - Internal Spearphishing
  • T1185 - Browser Session Hijacking
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1593 - Search Open Websites/Domains
  • T1596 - Search Open Technical Databases
  • T1598 - Phishing for Information
  • T1557 - Adversary-in-the-Middle
  • T1588.002 - Tool
  • T1588.005 - Exploits
  • T1564.002 - Hidden Users
  • T1591 - Gather Victim Org Information
  • T1593.001 - Social Media
  • T1027.012 - LNK Icon Smuggling
  • T1102.001 - Dead Drop Resolver
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1594 - Search Victim-Owned Websites

Sandworm Team

Score: 0.61
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1586.001 - Social Media Accounts
  • T1203 - Exploitation for Client Execution
  • T1195 - Supply Chain Compromise
  • T1566.002 - Spearphishing Link
  • T1102.002 - Bidirectional Communication
  • T1583 - Acquire Infrastructure
  • T1499 - Endpoint Denial of Service
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1584.004 - Server
  • T1593 - Search Open Websites/Domains
  • T1592.002 - Software
  • T1595.002 - Vulnerability Scanning
  • T1491.002 - External Defacement
  • T1588.002 - Tool
  • T1584.005 - Botnet
  • T1598.003 - Spearphishing Link
  • T1591.002 - Business Relationships
  • T1090 - Proxy
  • T1594 - Search Victim-Owned Websites

Related CVEs

No CVEs were found in this Pulse.
