Trusted Design

The Postal Group

概要

The Postal Group is active since at least 2013 and was responsible for multiple different malware campaigns in multiple different countries. Their main infection vector is phishing e-mails, which are designed to resemble tracking e-mails from different post offices around the world. This includes,among others, Poland, Australia, United Kingdom and Spain. This report aims to uncover at least some undertakings of that group and to connect different attacks across the globe.

Created: 2026-02-23

Indicators

類似Pulses

MALWARE POSING AS HUMAN RIGHTS ORGANIZATIONS AND COMMERCIAL SOFTWARE TARGETING IRANIANS AND FOREIGN POLICY INSTITUTIONS (score: 0.68)
Tracing Pony’s Threat Cycle and Multi-Stage Infection Chain (score: 0.64)
THL 2016-01-26: Parcel Tracking | Track and Trace Your EMS Post (score: 0.63)
Operation DustySky (score: 0.63)
THL 2015-11-23: UKMail 988271023 tracking information (score: 0.63)

このPulseに関連する脅威アクター (事実ベース)

Scattered Spider

Score: 28.97

Matched TTPs:

T1564.008 - Email Hiding Rules
T1069 - Permission Groups Discovery
T1114 - Email Collection
T1598.003 - Spearphishing Link
T1070.008 - Clear Mailbox Data
T1657 - Financial Theft
T1656 - Impersonation
T1598 - Phishing for Information
T1003.003 - NTDS

MITREへのリンク →

FIN4

Score: 9.12

Matched TTPs:

T1564.008 - Email Hiding Rules
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1114.002 - Remote Email Collection

MITREへのリンク →

APT41

Score: 9.53

Matched TTPs:

T1069 - Permission Groups Discovery
T1566.001 - Spearphishing Attachment
T1656 - Impersonation
T1003.003 - NTDS

MITREへのリンク →

TA505

Score: 5.61

Matched TTPs:

T1069 - Permission Groups Discovery
T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment

MITREへのリンク →

Volt Typhoon

Score: 8.15

Matched TTPs:

T1069 - Permission Groups Discovery
T1589.002 - Email Addresses
T1003.003 - NTDS

MITREへのリンク →

APT3

Score: 4.73

Matched TTPs:

T1069 - Permission Groups Discovery
T1566.002 - Spearphishing Link

MITREへのリンク →

FIN13

Score: 8.15

Matched TTPs:

T1069 - Permission Groups Discovery
T1657 - Financial Theft
T1003.003 - NTDS

MITREへのリンク →

Ember Bear

Score: 3.62

Matched TTPs:

T1114 - Email Collection

MITREへのリンク →

Silent Librarian

Score: 10.89

Matched TTPs:

T1114 - Email Collection
T1598.003 - Spearphishing Link
T1585.002 - Email Accounts
T1589.002 - Email Addresses

MITREへのリンク →

Magic Hound

Score: 20.19

Matched TTPs:

T1114 - Email Collection
T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1114.002 - Remote Email Collection
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 30.49

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1071.003 - Mail Protocols
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1657 - Financial Theft
T1566 - Phishing
T1114.002 - Remote Email Collection
T1656 - Impersonation
T1598 - Phishing for Information

MITREへのリンク →

Sidewinder

Score: 8.40

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

Sandworm Team

Score: 11.93

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1003.003 - NTDS

MITREへのリンク →

Mustang Panda

Score: 16.21

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1027.007 - Dynamic API Resolution
T1003.003 - NTDS

MITREへのリンク →

APT32

Score: 10.59

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1071.003 - Mail Protocols
T1589.002 - Email Addresses

MITREへのリンク →

APT1

Score: 7.27

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1114.002 - Remote Email Collection

MITREへのリンク →

Lazarus Group

Score: 13.79

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1027.007 - Dynamic API Resolution
T1566.003 - Spearphishing via Service

MITREへのリンク →

Leviathan

Score: 7.27

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts

MITREへのリンク →

APT33

Score: 6.45

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1552.006 - Group Policy Preferences

MITREへのリンク →

ZIRCONIUM

Score: 7.34

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1598 - Phishing for Information

MITREへのリンク →

EXOTIC LILY

Score: 9.65

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 7.51

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Windshift

Score: 4.84

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT29

Score: 10.18

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1114.002 - Remote Email Collection
T1566.003 - Spearphishing via Service

MITREへのリンク →

Storm-1811

Score: 11.54

Matched TTPs:

T1566.002 - Spearphishing Link
T1667 - Email Bombing
T1656 - Impersonation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Turla

Score: 4.73

Matched TTPs:

T1566.002 - Spearphishing Link
T1071.003 - Mail Protocols

MITREへのリンク →

Wizard Spider

Score: 11.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1552.006 - Group Policy Preferences
T1003.003 - NTDS

MITREへのリンク →

TA577

Score: 4.11

Matched TTPs:

T1566.002 - Spearphishing Link
T1586.002 - Email Accounts

MITREへのリンク →

Patchwork

Score: 4.78

Matched TTPs:

T1566.002 - Spearphishing Link
T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment

MITREへのリンク →

APT42

Score: 10.90

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.008 - Clear Mailbox Data
T1585.002 - Email Accounts
T1656 - Impersonation

MITREへのリンク →

APT28

Score: 26.81

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1071.003 - Mail Protocols
T1114.002 - Remote Email Collection
T1598 - Phishing for Information
T1498 - Network Denial of Service
T1137.002 - Office Test
T1003.003 - NTDS

MITREへのリンク →

Star Blizzard

Score: 14.57

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1598.002 - Spearphishing Attachment
T1114.002 - Remote Email Collection

MITREへのリンク →

Moonstone Sleet

Score: 14.11

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1598 - Phishing for Information
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 8.14

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1585.002 - Email Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 11.96

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment
T1114.002 - Remote Email Collection
T1003.003 - NTDS

MITREへのリンク →

Saint Bear

Score: 6.43

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1589.002 - Email Addresses
T1656 - Impersonation

MITREへのリンク →

FIN6

Score: 5.74

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1003.003 - NTDS
T1566.003 - Spearphishing via Service

MITREへのリンク →

menuPass

Score: 3.22

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1003.003 - NTDS

MITREへのリンク →

Ajax Security Team

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA551

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1589.002 - Email Addresses

MITREへのリンク →

Malteiro

Score: 3.40

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1657 - Financial Theft

MITREへのリンク →

SideCopy

Score: 4.50

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1598.002 - Spearphishing Attachment

MITREへのリンク →

IndigoZebra

Score: 3.54

Matched TTPs:

T1566.001 - Spearphishing Attachment
T1586.002 - Email Accounts

MITREへのリンク →

HEXANE

Score: 7.48

Matched TTPs:

T1586.002 - Email Accounts
T1585.002 - Email Accounts
T1589.002 - Email Addresses

MITREへのリンク →

LAPSUS$

Score: 10.56

Matched TTPs:

T1586.002 - Email Accounts
T1589.002 - Email Addresses
T1656 - Impersonation
T1003.003 - NTDS

MITREへのリンク →

SilverTerrier

Score: 5.81

Matched TTPs:

T1071.003 - Mail Protocols
T1657 - Financial Theft

MITREへのリンク →

Contagious Interview

Score: 13.65

Matched TTPs:

T1071.003 - Mail Protocols
T1585.002 - Email Accounts
T1657 - Financial Theft
T1656 - Impersonation
T1566.003 - Spearphishing via Service

MITREへのリンク →

Medusa Group

Score: 7.15

Matched TTPs:

T1585.002 - Email Accounts
T1657 - Financial Theft
T1003.003 - NTDS

MITREへのリンク →

HAFNIUM

Score: 7.53

Matched TTPs:

T1589.002 - Email Addresses
T1114.002 - Remote Email Collection
T1003.003 - NTDS

MITREへのリンク →

INC Ransom

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1657 - Financial Theft
T1566 - Phishing

MITREへのリンク →

Sea Turtle

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

Axiom

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

Ke3chang

Score: 5.01

Matched TTPs:

T1114.002 - Remote Email Collection
T1003.003 - NTDS

MITREへのリンク →

Chimera

Score: 5.01

Matched TTPs:

T1114.002 - Remote Email Collection
T1003.003 - NTDS

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.81

Matched TTPs:

T1598.003 - Spearphishing Link
T1598 - Phishing for Information
T1585.002 - Email Accounts
T1566.001 - Spearphishing Attachment
T1589.002 - Email Addresses
T1656 - Impersonation
T1071.003 - Mail Protocols
T1657 - Financial Theft
T1566.002 - Spearphishing Link
T1586.002 - Email Accounts
T1114.002 - Remote Email Collection
T1566 - Phishing

MITREへのリンク →

Scattered Spider

Score: 0.79

Matched TTPs:

T1069 - Permission Groups Discovery
T1598.003 - Spearphishing Link
T1598 - Phishing for Information
T1003.003 - NTDS
T1564.008 - Email Hiding Rules
T1656 - Impersonation
T1657 - Financial Theft
T1114 - Email Collection
T1070.008 - Clear Mailbox Data

MITREへのリンク →

APT28

Score: 0.73

Matched TTPs:

T1598.003 - Spearphishing Link
T1598 - Phishing for Information
T1003.003 - NTDS
T1137.002 - Office Test
T1566.001 - Spearphishing Attachment
T1498 - Network Denial of Service
T1071.003 - Mail Protocols
T1114.002 - Remote Email Collection
T1586.002 - Email Accounts

MITREへのリンク →

Magic Hound

Score: 0.59

Matched TTPs:

T1598.003 - Spearphishing Link
T1566.003 - Spearphishing via Service
T1585.002 - Email Accounts
T1589.002 - Email Addresses
T1114 - Email Collection
T1566.002 - Spearphishing Link
T1586.002 - Email Accounts
T1114.002 - Remote Email Collection

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る