Trusted Design

STRONTIUM: A profile of a persistent and motivated adversary

概要

STRONTIUM has been active since at least 2007. Whereas most modern untargeted malware is ultimately profit-oriented, STRONTIUM mainly seeks sensitive information. Its primary institutional targets have included government bodies, diplomatic institutions, and military forces and installations in NATO member states and certain Eastern European countries. Additional targets have included journalists, political advisors, and organizations associated with political activism in central Asia. STRONTIUM is Microsoft’s code name for this group, following its internal practice of assigning chemical element names to activity groups; other researchers have used code names such as APT28, Sednit, Sofacy and Fancy Bear as labels for a group or groups .

Created: 2026-02-23

Indicators

CVE - CVE-2015-4902 -
CVE - CVE-2014-3897 -
CVE - CVE-2015-2387 -
CVE - CVE-2014-1776 -
CVE - CVE-2015-1701 -
CVE - CVE-2015-2424 -
CVE - CVE-2015-7645 -
domain - osce-press.com -
CVE - CVE-2015-1641 -
hostname - accounts.g00gle.com -
domain - bbc-press.org -
CVE - CVE-2014-6332 -
domain - mail-ukr.net -
domain - us-mg6mailyahoo.com -
domain - nato-news.com -
CVE - CVE-2015-5119 -
domain - electronicfrontierfoundation.org -
CVE - CVE-2015-3043 -
domain - privacy-live.com -
CVE - CVE-2015-2590 -

類似Pulses

Sofacy APT hits high profile targets (score: 0.54)
Sofacy APT hits high profile targets with updated toolset (score: 0.52)
New Targeted Attack Group Buys BIFROSE Code, Works in Teams (score: 0.52)
A Look Into Fysbis: Sofacy’s Linux Backdoor (score: 0.51)
Operation Molerats: Middle East Cyber Attacks Using Poison Ivy (score: 0.50)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 7.75

Matched TTPs:

T1491.002 - External Defacement
T1114 - Email Collection

MITREへのリンク →

Sandworm Team

Score: 11.32

Matched TTPs:

T1491.002 - External Defacement
T1587.001 - Malware
T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

Silent Librarian

Score: 3.62

Matched TTPs:

T1114 - Email Collection

MITREへのリンク →

Magic Hound

Score: 11.86

Matched TTPs:

T1114 - Email Collection
T1036.004 - Masquerade Task or Service
T1036.010 - Masquerade Account Name
T1566.003 - Spearphishing via Service

MITREへのリンク →

Scattered Spider

Score: 10.09

Matched TTPs:

T1114 - Email Collection
T1556.009 - Conditional Access Policies
T1003.003 - NTDS

MITREへのリンク →

Kimsuky

Score: 14.02

Matched TTPs:

T1587.001 - Malware
T1036.004 - Masquerade Task or Service
T1588.003 - Code Signing Certificates
T1587 - Develop Capabilities
T1680 - Local Storage Discovery

MITREへのリンク →

FIN13

Score: 9.46

Matched TTPs:

T1587.001 - Malware
T1036.004 - Masquerade Task or Service
T1003.003 - NTDS
T1090.001 - Internal Proxy

MITREへのリンク →

Moonstone Sleet

Score: 8.46

Matched TTPs:

T1587.001 - Malware
T1587 - Develop Capabilities
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 19.20

Matched TTPs:

T1587.001 - Malware
T1036.004 - Masquerade Task or Service
T1027.007 - Dynamic API Resolution
T1680 - Local Storage Discovery
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service
T1090.001 - Internal Proxy

MITREへのリンク →

Contagious Interview

Score: 12.60

Matched TTPs:

T1587.001 - Malware
T1681 - Search Threat Vendor Data
T1587 - Develop Capabilities
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 10.92

Matched TTPs:

T1587.001 - Malware
T1069.001 - Local Groups
T1588.003 - Code Signing Certificates
T1566.003 - Spearphishing via Service

MITREへのリンク →

UNC3886

Score: 10.92

Matched TTPs:

T1587.001 - Malware
T1681 - Search Threat Vendor Data
T1036.004 - Masquerade Task or Service
T1124 - System Time Discovery

MITREへのリンク →

APT29

Score: 11.90

Matched TTPs:

T1587.001 - Malware
T1556.007 - Hybrid Identity
T1199 - Trusted Relationship
T1566.003 - Spearphishing via Service

MITREへのリンク →

RedCurl

Score: 4.84

Matched TTPs:

T1587.001 - Malware
T1199 - Trusted Relationship

MITREへのリンク →

Turla

Score: 10.77

Matched TTPs:

T1587.001 - Malware
T1069.001 - Local Groups
T1124 - System Time Discovery
T1090.001 - Internal Proxy

MITREへのリンク →

Ke3chang

Score: 4.44

Matched TTPs:

T1587.001 - Malware
T1003.003 - NTDS

MITREへのリンク →

Mustang Panda

Score: 11.72

Matched TTPs:

T1587.001 - Malware
T1588.003 - Code Signing Certificates
T1027.007 - Dynamic API Resolution
T1003.003 - NTDS

MITREへのリンク →

TeamTNT

Score: 4.93

Matched TTPs:

T1587.001 - Malware
T1680 - Local Storage Discovery

MITREへのリンク →

FIN7

Score: 6.78

Matched TTPs:

T1587.001 - Malware
T1036.004 - Masquerade Task or Service
T1124 - System Time Discovery

MITREへのリンク →

Higaisa

Score: 18.14

Matched TTPs:

T1029 - Scheduled Transfer
T1036.004 - Masquerade Task or Service
T1680 - Local Storage Discovery
T1124 - System Time Discovery
T1090.001 - Internal Proxy
T1027.015 - Compression

MITREへのリンク →

Wizard Spider

Score: 11.72

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1552.006 - Group Policy Preferences
T1588.003 - Code Signing Certificates
T1003.003 - NTDS

MITREへのリンク →

FIN6

Score: 6.96

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1003.003 - NTDS
T1566.003 - Spearphishing via Service

MITREへのリンク →

Fox Kitten

Score: 4.44

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1003.003 - NTDS

MITREへのリンク →

ZIRCONIUM

Score: 4.69

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1124 - System Time Discovery

MITREへのリンク →

Storm-0501

Score: 6.23

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1556.009 - Conditional Access Policies

MITREへのリンク →

APT41

Score: 4.44

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1003.003 - NTDS

MITREへのリンク →

APT33

Score: 4.13

Matched TTPs:

T1552.006 - Group Policy Preferences

MITREへのリンク →

APT28

Score: 5.09

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

Threat Group-3390

Score: 9.05

Matched TTPs:

T1199 - Trusted Relationship
T1588.003 - Code Signing Certificates
T1027.015 - Compression

MITREへのリンク →

menuPass

Score: 5.09

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

HAFNIUM

Score: 5.09

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

LAPSUS$

Score: 5.09

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

Tonto Team

Score: 3.15

Matched TTPs:

T1069.001 - Local Groups

MITREへのリンク →

HEXANE

Score: 3.15

Matched TTPs:

T1069.001 - Local Groups

MITREへのリンク →

admin@338

Score: 3.15

Matched TTPs:

T1069.001 - Local Groups

MITREへのリンク →

Chimera

Score: 10.92

Matched TTPs:

T1069.001 - Local Groups
T1003.003 - NTDS
T1680 - Local Storage Discovery
T1124 - System Time Discovery

MITREへのリンク →

Volt Typhoon

Score: 13.85

Matched TTPs:

T1069.001 - Local Groups
T1003.003 - NTDS
T1680 - Local Storage Discovery
T1124 - System Time Discovery
T1090.001 - Internal Proxy

MITREへのリンク →

Storm-1811

Score: 6.14

Matched TTPs:

T1036.010 - Masquerade Account Name
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 5.96

Matched TTPs:

T1036.010 - Masquerade Account Name
T1003.003 - NTDS

MITREへのリンク →

APT3

Score: 3.62

Matched TTPs:

T1036.010 - Masquerade Account Name

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1608.006 - SEO Poisoning

MITREへのリンク →

BlackTech

Score: 3.15

Matched TTPs:

T1588.003 - Code Signing Certificates

MITREへのリンク →

FIN8

Score: 3.15

Matched TTPs:

T1588.003 - Code Signing Certificates

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1680 - Local Storage Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 5.12

Matched TTPs:

T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Molerats

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Gamaredon Group

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

TA2541

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

Leviathan

Score: 3.15

Matched TTPs:

T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.84

Matched TTPs:

T1587.001 - Malware
T1124 - System Time Discovery
T1680 - Local Storage Discovery
T1027.007 - Dynamic API Resolution
T1090.001 - Internal Proxy
T1036.004 - Masquerade Task or Service
T1566.003 - Spearphishing via Service

MITREへのリンク →

Higaisa

Score: 0.76

Matched TTPs:

T1124 - System Time Discovery
T1680 - Local Storage Discovery
T1029 - Scheduled Transfer
T1090.001 - Internal Proxy
T1036.004 - Masquerade Task or Service
T1027.015 - Compression

MITREへのリンク →

Kimsuky

Score: 0.63

Matched TTPs:

T1587.001 - Malware
T1588.003 - Code Signing Certificates
T1680 - Local Storage Discovery
T1587 - Develop Capabilities
T1036.004 - Masquerade Task or Service

MITREへのリンク →

Volt Typhoon

Score: 0.62

Matched TTPs:

T1069.001 - Local Groups
T1124 - System Time Discovery
T1680 - Local Storage Discovery
T1090.001 - Internal Proxy
T1003.003 - NTDS

MITREへのリンク →

APT29

Score: 0.55

Matched TTPs:

T1556.007 - Hybrid Identity
T1199 - Trusted Relationship
T1587.001 - Malware
T1566.003 - Spearphishing via Service

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る