Trusted Design

China Hacks the Peace Palace: All Your EEZ’s Are Belong to Us

概要

In early July 2015, Chinese APT actors used an Adobe Flash Player exploit within a specific webpage detailing a noteworthy international legal case between the Philippines and China. This precedent setting legal case would be followed by many Southeast Asian nations, as well as others around the globe. The exploit appeared on day three of the Permanent Court of Arbitration tribunal, exposing an untold number of interested parties that visited the webpage to potential exploitation. When considered holistically, the intelligence supports the conclusion that this exploitation campaign was purposefully carried out against the backdrop of diplomatic and legal maneuvering. Despite Beijing’s unwillingness to participate in the international arbitration and their rejection of the PCA’s jurisdiction, there appears to be a distinct effort to surreptitiously target those who are interested in this landmark international legal case via electronic means.

Created: 2026-02-23

Indicators

類似Pulses

Watering hole affecting the Permanent Court of Arbitration (PCA) (score: 0.74)
PROJECT CAMERASHY: CLOSING THE APERTURE ON CHINA’S UNIT 78020 (score: 0.60)
Chinese Actors attacks on US Government and EU Media (score: 0.60)
Chinese Government Website Compromised, Leads to Angler (score: 0.59)
Forbes.com Waterhole Attack (score: 0.58)

このPulseに関連する脅威アクター (事実ベース)

Turla

Score: 5.68

Matched TTPs:

T1071.003 - Mail Protocols
T1102.002 - Bidirectional Communication

MITREへのリンク →

SilverTerrier

Score: 3.29

Matched TTPs:

T1071.003 - Mail Protocols

MITREへのリンク →

APT32

Score: 3.29

Matched TTPs:

T1071.003 - Mail Protocols

MITREへのリンク →

APT28

Score: 8.43

Matched TTPs:

T1071.003 - Mail Protocols
T1210 - Exploitation of Remote Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

Kimsuky

Score: 15.58

Matched TTPs:

T1071.003 - Mail Protocols
T1102.002 - Bidirectional Communication
T1219.002 - Remote Desktop Software
T1680 - Local Storage Discovery
T1588.005 - Exploits

MITREへのリンク →

Contagious Interview

Score: 8.74

Matched TTPs:

T1071.003 - Mail Protocols
T1219.002 - Remote Desktop Software
T1566.003 - Spearphishing via Service

MITREへのリンク →

PROMETHIUM

Score: 4.13

Matched TTPs:

T1205.001 - Port Knocking

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1205.001 - Port Knocking

MITREへのリンク →

Ember Bear

Score: 6.88

Matched TTPs:

T1210 - Exploitation of Remote Services
T1588.005 - Exploits

MITREへのリンク →

Dragonfly

Score: 5.67

Matched TTPs:

T1210 - Exploitation of Remote Services
T1195.002 - Compromise Software Supply Chain

MITREへのリンク →

MuddyWater

Score: 5.14

Matched TTPs:

T1210 - Exploitation of Remote Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

Threat Group-3390

Score: 5.67

Matched TTPs:

T1210 - Exploitation of Remote Services
T1195.002 - Compromise Software Supply Chain

MITREへのリンク →

FIN7

Score: 8.07

Matched TTPs:

T1210 - Exploitation of Remote Services
T1195.002 - Compromise Software Supply Chain
T1102.002 - Bidirectional Communication

MITREへのリンク →

Sandworm Team

Score: 5.33

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1102.002 - Bidirectional Communication

MITREへのリンク →

Moonstone Sleet

Score: 5.45

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 11.89

Matched TTPs:

T1102.002 - Bidirectional Communication
T1027.007 - Dynamic API Resolution
T1680 - Local Storage Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Magic Hound

Score: 4.92

Matched TTPs:

T1102.002 - Bidirectional Communication
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 7.06

Matched TTPs:

T1137.004 - Outlook Home Page
T1566.003 - Spearphishing via Service

MITREへのリンク →

LAPSUS$

Score: 4.13

Matched TTPs:

T1578.002 - Create Cloud Instance

MITREへのリンク →

Scattered Spider

Score: 11.60

Matched TTPs:

T1578.002 - Create Cloud Instance
T1219.002 - Remote Desktop Software
T1538 - Cloud Service Dashboard

MITREへのリンク →

Storm-1811

Score: 5.45

Matched TTPs:

T1219.002 - Remote Desktop Software
T1566.003 - Spearphishing via Service

MITREへのリンク →

Mustang Panda

Score: 7.06

Matched TTPs:

T1219.002 - Remote Desktop Software
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT38

Score: 4.54

Matched TTPs:

T1036.006 - Space after Filename

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1680 - Local Storage Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.81

Matched TTPs:

T1071.003 - Mail Protocols
T1102.002 - Bidirectional Communication
T1219.002 - Remote Desktop Software
T1588.005 - Exploits
T1680 - Local Storage Discovery

MITREへのリンク →

Lazarus Group

Score: 0.65

Matched TTPs:

T1566.003 - Spearphishing via Service
T1027.007 - Dynamic API Resolution
T1102.002 - Bidirectional Communication
T1680 - Local Storage Discovery

MITREへのリンク →

Scattered Spider

Score: 0.63

Matched TTPs:

T1578.002 - Create Cloud Instance
T1219.002 - Remote Desktop Software
T1538 - Cloud Service Dashboard

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る