Trusted Design

THE DUKES: 7 years of Russian cyberespionage

Overview

The Dukes are a well-resourced, highly dedicated and organized cyberespionage group that we believe has been working for the Russian Federation since at least 2008 to collect intelligence in support of foreign and security policy decision-making. ...the Dukes show unusual confidence in their ability to continue successfully compromising their targets [...], as well as in their ability to operate with impunity. The Dukes primarily target Western governments and related organizations, such as government ministries and agencies, political think tanks, and governmental subcontractors. Their targets have also included the governments of members of the Commonwealth of Independent States; Asian, African, and Middle Eastern governments; organizations associated with Chechen extremism; and Russian speakers engaged in the illicit trade of controlled substances and drugs.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Ember Bear

Score: 4.13
Matched TTPs:
  • T1564.008 - Email Hiding Rules

Sandworm Team

Score: 6.88
Matched TTPs:
  • T1564.008 - Email Hiding Rules
  • T1122 - Component Object Model Hijacking

APT33

Score: 4.13
Matched TTPs:
  • T1567.001 - Exfiltration to Code Repository

Wizard Spider

Score: 6.53
Matched TTPs:
  • T1567.001 - Exfiltration to Code Repository
  • T1027.007 - Dynamic API Resolution

APT28

Score: 6.88
Matched TTPs:
  • T1122 - Component Object Model Hijacking
  • T1566.003 - Spearphishing via Service

APT29

Score: 5.27
Matched TTPs:
  • T1122 - Component Object Model Hijacking
  • T1547.008 - LSASS Driver

OilRig

Score: 6.37
Matched TTPs:
  • T1055.012 - Process Hollowing
  • T1547.008 - LSASS Driver

Chimera

Score: 8.83
Matched TTPs:
  • T1055.012 - Process Hollowing
  • T1027.007 - Dynamic API Resolution
  • T1578.001 - Create Snapshot

Turla

Score: 6.44
Matched TTPs:
  • T1055.012 - Process Hollowing
  • T1578.001 - Create Snapshot

Storm-0501

Score: 5.67
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1565.002 - Transmitted Data Manipulation

Blue Mockingbird

Score: 5.14
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1027.007 - Dynamic API Resolution

Kimsuky

Score: 5.67
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1565.002 - Transmitted Data Manipulation

APT32

Score: 5.14
Matched TTPs:
  • T1027.014 - Polymorphic Code
  • T1027.007 - Dynamic API Resolution

Contagious Interview

Score: 5.45
Matched TTPs:
  • T1565.002 - Transmitted Data Manipulation
  • T1547.008 - LSASS Driver

Storm-1811

Score: 5.45
Matched TTPs:
  • T1565.002 - Transmitted Data Manipulation
  • T1547.008 - LSASS Driver

FIN7

Score: 4.99
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1578.001 - Create Snapshot

Velvet Ant

Score: 6.53
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service

FIN6

Score: 4.92
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1547.008 - LSASS Driver

Moonstone Sleet

Score: 4.92
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1547.008 - LSASS Driver

CURIUM

Score: 5.12
Matched TTPs:
  • T1578.001 - Create Snapshot
  • T1547.008 - LSASS Driver

Lazarus Group

Score: 5.12
Matched TTPs:
  • T1578.001 - Create Snapshot
  • T1547.008 - LSASS Driver

Threat actors related to this Pulse (inference-based)

Chimera

Score: 0.78
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1578.001 - Create Snapshot
  • T1055.012 - Process Hollowing

APT28

Score: 0.66
Matched TTPs:
  • T1122 - Component Object Model Hijacking
  • T1566.003 - Spearphishing via Service

Sandworm Team

Score: 0.66
Matched TTPs:
  • T1122 - Component Object Model Hijacking
  • T1564.008 - Email Hiding Rules

Turla

Score: 0.63
Matched TTPs:
  • T1578.001 - Create Snapshot
  • T1055.012 - Process Hollowing

Wizard Spider

Score: 0.61
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1567.001 - Exfiltration to Code Repository

OilRig

Score: 0.60
Matched TTPs:
  • T1547.008 - LSASS Driver
  • T1055.012 - Process Hollowing

Velvet Ant

Score: 0.59
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service

Kimsuky

Score: 0.58
Matched TTPs:
  • T1565.002 - Transmitted Data Manipulation
  • T1027.014 - Polymorphic Code

APT29

Score: 0.58
Matched TTPs:
  • T1547.008 - LSASS Driver
  • T1122 - Component Object Model Hijacking

Related CVEs

No CVEs were found for this Pulse.
