Trusted Design

The Casino Malvertising Campaign

Summary

This malvertising attack preyed on visitors to sketchy websites offering anything from torrents of copyrighted movies and live streams of the latest flicks to pirated software. The malicious ads automatically (no click required) redirected users to a casino website used as a decoy to silently load malicious iframes from disposable domains, which ultimately led to the Angler exploit kit. In one case, the casino website was a direct gateway to Angler EK.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Volt Typhoon

Score: 8.16
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1584.008 - Network Devices

Ember Bear

Score: 9.76
Matched TTPs:
  • T1491.002 - External Defacement
  • T1203 - Exploitation for Client Execution
  • T1588.005 - Exploits

Sandworm Team

Score: 18.23
Matched TTPs:
  • T1491.002 - External Defacement
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT28

Score: 29.70
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1137.002 - Office Test
  • T1204.001 - Malicious Link
  • T1550.001 - Application Access Token
  • T1211 - Exploitation for Defense Evasion

ZIRCONIUM

Score: 12.42
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

Leviathan

Score: 11.20
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 21.94
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1204.001 - Malicious Link
  • T1584.001 - Domains

APT42

Score: 9.48
Matched TTPs:
  • T1547 - Boot or Logon Autostart Execution
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

Kimsuky

Score: 22.72
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
  • T1584.001 - Domains

BlackTech

Score: 4.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

MuddyWater

Score: 6.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

LuminousMoth

Score: 10.48
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link

Confucius

Score: 6.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Sidewinder

Score: 6.76
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Elderwood

Score: 6.07
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Machete

Score: 4.57
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

FIN7

Score: 14.01
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link

Transparent Tribe

Score: 16.57
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link
  • T1584.001 - Domains

Mustang Panda

Score: 14.93
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link

APT32

Score: 19.73
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link

APT3

Score: 4.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT1

Score: 6.25
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1584.001 - Domains

Lazarus Group

Score: 10.90
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories

APT33

Score: 4.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

EXOTIC LILY

Score: 7.79
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Magic Hound

Score: 17.69
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1592.002 - Software
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1584.001 - Domains

OilRig

Score: 7.79
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Windshift

Score: 4.57
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Cobalt Group

Score: 4.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

APT29

Score: 6.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

TA2541

Score: 8.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

Earth Lusca

Score: 13.70
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

RedCurl

Score: 5.47
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1564.001 - Hidden Files and Directories
  • T1204.001 - Malicious Link

Turla

Score: 10.21
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Patchwork

Score: 8.52
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

TA505

Score: 6.30
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1204.001 - Malicious Link

LazyScripter

Score: 8.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

Scattered Spider

Score: 8.11
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1204 - User Execution

Silent Librarian

Score: 3.98
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains

Star Blizzard

Score: 5.95
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

Moonstone Sleet

Score: 5.95
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

CURIUM

Score: 12.40
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1583.001 - Domains
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

Dragonfly

Score: 10.27
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.004 - Drive-by Target
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Threat Group-3390

Score: 9.78
Matched TTPs:
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

TeamTNT

Score: 3.49
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

Gamaredon Group

Score: 6.86
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

SideCopy

Score: 5.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1584.001 - Domains

BITTER

Score: 4.98
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution

HEXANE

Score: 3.49
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains

Saint Bear

Score: 6.84
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link

Contagious Interview

Score: 6.86
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

IndigoZebra

Score: 3.53
Matched TTPs:
  • T1583.001 - Domains
  • T1583.006 - Web Services

Sea Turtle

Score: 3.01
Matched TTPs:
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution

APT38

Score: 4.64
Matched TTPs:
  • T1583.001 - Domains
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Winter Vivern

Score: 12.80
Matched TTPs:
  • T1583.001 - Domains
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection

HAFNIUM

Score: 13.35
Matched TTPs:
  • T1592.004 - Client Configurations
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token

Medusa Group

Score: 6.55
Matched TTPs:
  • T1583.006 - Web Services
  • T1218.014 - MMC

TA578

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

LAPSUS$

Score: 4.13
Matched TTPs:
  • T1204 - User Execution

Andariel

Score: 7.10
Matched TTPs:
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Axiom

Score: 7.80
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography

APT37

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

BRONZE BUTLER

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Tropic Trooper

Score: 4.16
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1564.001 - Hidden Files and Directories

Darkhotel

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Daggerfly

Score: 3.13
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Velvet Ant

Score: 4.13
Matched TTPs:
  • T1211 - Exploitation for Defense Evasion

Threat actors related to this Pulse (inference-based)

APT28

Score: 0.77
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1211 - Exploitation for Defense Evasion
  • T1583.006 - Web Services
  • T1583.001 - Domains
  • T1564.001 - Hidden Files and Directories
  • T1137.002 - Office Test
  • T1584.008 - Network Devices
  • T1550.001 - Application Access Token
  • T1189 - Drive-by Compromise
  • T1598.003 - Spearphishing Link

Mustard Tempest

Score: 0.62
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1204.001 - Malicious Link
  • T1608.006 - SEO Poisoning
  • T1608.004 - Drive-by Target
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware
  • T1584.001 - Domains
  • T1189 - Drive-by Compromise

Kimsuky

Score: 0.58
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1566.002 - Spearphishing Link
  • T1204.001 - Malicious Link
  • T1583.006 - Web Services
  • T1583.001 - Domains
  • T1588.005 - Exploits
  • T1608.001 - Upload Malware
  • T1584.001 - Domains
  • T1598.003 - Spearphishing Link

APT32

Score: 0.58
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1566.002 - Spearphishing Link
  • T1204.001 - Malicious Link
  • T1583.006 - Web Services
  • T1583.001 - Domains
  • T1564.001 - Hidden Files and Directories
  • T1608.004 - Drive-by Target
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1598.003 - Spearphishing Link

Related CVEs

No CVEs were found for this Pulse.
