Trusted Design

AbaddonPOS: A new point of sale threat linked to Vawtrak

概要

The practice of threat actors to increase their target surfaces by leveraging a single campaign to deliver multiple payloads is by now a well-established practice. While using this technique to deliver point of sale malware is less common, the approach of the US holiday shopping season gives cybercriminals ample reason to maximize the return on their campaigns by distributing a new, powerful PoS malware that can capture the credit and debit card transactions of holiday shoppers.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Mustard Tempest

Score: 9.64
Matched TTPs:
  • T1682 - Query Public AI Services
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Kimsuky

Score: 25.29
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1197 - BITS Jobs
  • T1132.002 - Non-Standard Encoding
  • T1027.018 - Invisible Unicode
  • T1003.003 - NTDS
MITREへのリンク →

FIN13

Score: 7.65
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
MITREへのリンク →

Moonstone Sleet

Score: 12.96
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1573 - Encrypted Channel
  • T1197 - BITS Jobs
  • T1547.008 - LSASS Driver
MITREへのリンク →

Lazarus Group

Score: 18.49
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1677 - Poisoned Pipeline Execution
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1055.005 - Thread Local Storage
  • T1547.008 - LSASS Driver
MITREへのリンク →

Contagious Interview

Score: 19.66
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1021.006 - Windows Remote Management
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

OilRig

Score: 16.33
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1558 - Steal or Forge Kerberos Tickets
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

UNC3886

Score: 10.18
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1021.006 - Windows Remote Management
  • T1136.002 - Domain Account
  • T1218.010 - Regsvr32
MITREへのリンク →

LuminousMoth

Score: 8.74
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Sandworm Team

Score: 24.20
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1005 - Data from Local System
  • T1558 - Steal or Forge Kerberos Tickets
  • T1049 - System Network Connections Discovery
  • T1199 - Trusted Relationship
  • T1187 - Forced Authentication
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT29

Score: 14.18
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1592.004 - Client Configurations
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

Play

Score: 5.47
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
MITREへのリンク →

Aoqin Dragon

Score: 6.62
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
MITREへのリンク →

RedCurl

Score: 3.46
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Turla

Score: 14.67
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1176 - Software Extensions
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Ke3chang

Score: 6.79
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1027.008 - Stripped Payloads
  • T1199 - Trusted Relationship
MITREへのリンク →

Mustang Panda

Score: 22.08
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1136.001 - Local Account
  • T1677 - Poisoned Pipeline Execution
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1055.005 - Thread Local Storage
  • T1027.018 - Invisible Unicode
MITREへのリンク →

TeamTNT

Score: 6.26
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
MITREへのリンク →

FIN7

Score: 15.76
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1011.001 - Exfiltration Over Bluetooth
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1027.018 - Invisible Unicode
MITREへのリンク →

HAFNIUM

Score: 9.48
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1049 - System Network Connections Discovery
  • T1608.005 - Link Target
MITREへのリンク →

APT5

Score: 7.47
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1677 - Poisoned Pipeline Execution
MITREへのリンク →

Volt Typhoon

Score: 8.60
Matched TTPs:
  • T1176 - Software Extensions
  • T1049 - System Network Connections Discovery
  • T1199 - Trusted Relationship
MITREへのリンク →

TA2541

Score: 8.65
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Earth Lusca

Score: 10.42
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

LazyScripter

Score: 9.99
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1136.002 - Domain Account
  • T1608.005 - Link Target
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Gamaredon Group

Score: 6.19
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Threat Group-3390

Score: 9.01
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

TA505

Score: 6.64
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
  • T1027.018 - Invisible Unicode
MITREへのリンク →

BITTER

Score: 4.32
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
MITREへのリンク →

APT32

Score: 15.48
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1558 - Steal or Forge Kerberos Tickets
  • T1592.004 - Client Configurations
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Saint Bear

Score: 6.84
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

EXOTIC LILY

Score: 7.35
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

APT42

Score: 13.91
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1677 - Poisoned Pipeline Execution
  • T1199 - Trusted Relationship
  • T1599 - Network Boundary Bridging
  • T1132.002 - Non-Standard Encoding
MITREへのリンク →

Ember Bear

Score: 14.12
Matched TTPs:
  • T1005 - Data from Local System
  • T1558 - Steal or Forge Kerberos Tickets
  • T1136.002 - Domain Account
  • T1218.010 - Regsvr32
  • T1003.003 - NTDS
MITREへのリンク →

menuPass

Score: 3.04
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1199 - Trusted Relationship
MITREへのリンク →

BRONZE BUTLER

Score: 10.14
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1592.004 - Client Configurations
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

APT28

Score: 13.11
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1197 - BITS Jobs
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

ZIRCONIUM

Score: 9.00
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1608.005 - Link Target
  • T1197 - BITS Jobs
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Windshift

Score: 7.83
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

Storm-1811

Score: 13.94
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1199 - Trusted Relationship
  • T1599 - Network Boundary Bridging
  • T1567.003 - Exfiltration to Text Storage Sites
  • T1547.008 - LSASS Driver
MITREへのリンク →

Winter Vivern

Score: 5.31
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

PLATINUM

Score: 3.95
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

LAPSUS$

Score: 6.93
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
  • T1132.002 - Non-Standard Encoding
MITREへのリンク →

Metador

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
MITREへのリンク →

APT1

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
MITREへのリンク →

Aquatic Panda

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
MITREへのリンク →

Andariel

Score: 9.56
Matched TTPs:
  • T1136.002 - Domain Account
  • T1187 - Forced Authentication
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

BackdoorDiplomacy

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
MITREへのリンク →

Scattered Spider

Score: 9.27
Matched TTPs:
  • T1136.002 - Domain Account
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1197 - BITS Jobs
MITREへのリンク →

Axiom

Score: 10.17
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

INC Ransom

Score: 6.66
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

Cinnamon Tempest

Score: 3.37
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1552.003 - Shell History
  • T1562.013 - Disable or Modify Network Device Firewall
MITREへのリンク →

Medusa Group

Score: 9.92
Matched TTPs:
  • T1552.003 - Shell History
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1598 - Phishing for Information
MITREへのリンク →

MuddyWater

Score: 5.71
Matched TTPs:
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Confucius

Score: 4.87
Matched TTPs:
  • T1608.005 - Link Target
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

TA578

Score: 3.37
Matched TTPs:
  • T1608.005 - Link Target
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Magic Hound

Score: 12.35
Matched TTPs:
  • T1608.005 - Link Target
  • T1199 - Trusted Relationship
  • T1187 - Forced Authentication
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
  • T1547.008 - LSASS Driver
MITREへのリンク →

BlackTech

Score: 3.70
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT41

Score: 5.27
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
MITREへのリンク →

APT39

Score: 6.05
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1599 - Network Boundary Bridging
  • T1027.018 - Invisible Unicode
MITREへのリンク →

FIN6

Score: 3.37
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1547.008 - LSASS Driver
MITREへのリンク →

Patchwork

Score: 5.47
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Sea Turtle

Score: 5.63
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1218.010 - Regsvr32
MITREへのリンク →

Cobalt Group

Score: 6.63
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Dragonfly

Score: 7.04
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

APT38

Score: 3.97
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT33

Score: 3.70
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1218.010 - Regsvr32
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Chimera

Score: 4.47
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1132.002 - Non-Standard Encoding
MITREへのリンク →

GOLD SOUTHFIELD

Score: 6.21
Matched TTPs:
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1573 - Encrypted Channel
MITREへのリンク →

Daggerfly

Score: 6.05
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Leviathan

Score: 4.62
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

APT37

Score: 3.26
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Transparent Tribe

Score: 4.62
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Elderwood

Score: 4.62
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

Darkhotel

Score: 3.26
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

Machete

Score: 3.13
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1027.018 - Invisible Unicode
MITREへのリンク →

CURIUM

Score: 4.29
Matched TTPs:
  • T1059.012 - Hypervisor CLI
  • T1547.008 - LSASS Driver
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.79
Matched TTPs:
  • T1049 - System Network Connections Discovery
  • T1005 - Data from Local System
  • T1218.010 - Regsvr32
  • T1606.002 - SAML Tokens
  • T1187 - Forced Authentication
  • T1558 - Steal or Forge Kerberos Tickets
  • T1027.018 - Invisible Unicode
  • T1573 - Encrypted Channel
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
MITREへのリンク →

Kimsuky

Score: 0.78
Matched TTPs:
  • T1132.002 - Non-Standard Encoding
  • T1003.003 - NTDS
  • T1562.013 - Disable or Modify Network Device Firewall
  • T1608.005 - Link Target
  • T1197 - BITS Jobs
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
  • T1027.018 - Invisible Unicode
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
MITREへのリンク →

Mustang Panda

Score: 0.71
Matched TTPs:
  • T1055.005 - Thread Local Storage
  • T1218.010 - Regsvr32
  • T1608.005 - Link Target
  • T1606.002 - SAML Tokens
  • T1677 - Poisoned Pipeline Execution
  • T1027.018 - Invisible Unicode
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
  • T1136.001 - Local Account
MITREへのリンク →

Contagious Interview

Score: 0.63
Matched TTPs:
  • T1021.006 - Windows Remote Management
  • T1547.008 - LSASS Driver
  • T1608.005 - Link Target
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
  • T1558 - Steal or Forge Kerberos Tickets
  • T1027.018 - Invisible Unicode
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
MITREへのリンク →

Lazarus Group

Score: 0.61
Matched TTPs:
  • T1547.008 - LSASS Driver
  • T1055.005 - Thread Local Storage
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI
  • T1608.005 - Link Target
  • T1606.002 - SAML Tokens
  • T1677 - Poisoned Pipeline Execution
  • T1199 - Trusted Relationship
MITREへのリンク →

FIN7

Score: 0.59
Matched TTPs:
  • T1608.005 - Link Target
  • T1606.002 - SAML Tokens
  • T1011.001 - Exfiltration Over Bluetooth
  • T1027.018 - Invisible Unicode
  • T1573 - Encrypted Channel
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
MITREへのリンク →

OilRig

Score: 0.55
Matched TTPs:
  • T1547.008 - LSASS Driver
  • T1005 - Data from Local System
  • T1218.010 - Regsvr32
  • T1606.002 - SAML Tokens
  • T1558 - Steal or Forge Kerberos Tickets
  • T1027.018 - Invisible Unicode
  • T1091 - Replication Through Removable Media
  • T1199 - Trusted Relationship
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る