Trusted Design

TDrop2 Attacks Suggest Dark Seoul Attackers Return

概要

In March 2013, the country of South Korea experienced a major cyberattack, affecting tens of thousands of computer systems in the financial and broadcasting industries. This attack was dubbed ‘Dark Seoul’; it involved wreaking havoc on affected systems by wiping their hard drives, in addition to seeking military intelligence. The attack was initially thought to be attributed to North Korea, by way of a Chinese IP found during the attack, but no other strong evidence of North Korea’s involvement has been produced since then. In June 2013, McAfee published a report detailing the chronology and variance of the Dark Seoul campaign, but renamed it ‘Operation Troy’. The report analyzed the entirety of the purported attack campaign, beginning in 2009 using a family of tools dubbed ‘Troy’.

Created: 2026-02-23

Indicators

類似Pulses

FortiGuard Lion: A Peek into BlackMoon’s Sustained Attacks against South Korea (score: 0.60)
South Korea NIS’s use of Hacking Team’s RCS (score: 0.59)
Chinese Actors attacks on US Government and EU Media (score: 0.59)
Operation Armageddon (score: 0.59)
Targeted Attack Distributes PlugX in Russia (score: 0.58)

このPulseに関連する脅威アクター (事実ベース)

Tonto Team

Score: 3.17

Matched TTPs:

T1135 - Network Share Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT39

Score: 3.17

Matched TTPs:

T1135 - Network Share Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT32

Score: 11.13

Matched TTPs:

T1135 - Network Share Discovery
T1550.003 - Pass the Ticket
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT41

Score: 5.27

Matched TTPs:

T1135 - Network Share Discovery
T1036.004 - Masquerade Task or Service
T1105 - Ingress Tool Transfer

MITREへのリンク →

Medusa Group

Score: 15.46

Matched TTPs:

T1135 - Network Share Discovery
T1608.002 - Upload Tool
T1657 - Financial Theft
T1583.006 - Web Services
T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

Chimera

Score: 3.17

Matched TTPs:

T1135 - Network Share Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT38

Score: 6.80

Matched TTPs:

T1135 - Network Share Discovery
T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

BlackByte

Score: 6.33

Matched TTPs:

T1135 - Network Share Discovery
T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN13

Score: 7.79

Matched TTPs:

T1135 - Network Share Discovery
T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1105 - Ingress Tool Transfer

MITREへのリンク →

Tropic Trooper

Score: 3.17

Matched TTPs:

T1135 - Network Share Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

INC Ransom

Score: 5.70

Matched TTPs:

T1135 - Network Share Discovery
T1657 - Financial Theft
T1105 - Ingress Tool Transfer

MITREへのリンク →

Dragonfly

Score: 3.17

Matched TTPs:

T1135 - Network Share Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Wizard Spider

Score: 5.27

Matched TTPs:

T1135 - Network Share Discovery
T1036.004 - Masquerade Task or Service
T1105 - Ingress Tool Transfer

MITREへのリンク →

Threat Group-3390

Score: 8.06

Matched TTPs:

T1608.002 - Upload Tool
T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

UNC3886

Score: 6.23

Matched TTPs:

T1681 - Search Threat Vendor Data
T1036.004 - Masquerade Task or Service

MITREへのリンク →

Contagious Interview

Score: 8.67

Matched TTPs:

T1681 - Search Threat Vendor Data
T1657 - Financial Theft
T1583.006 - Web Services

MITREへのリンク →

APT29

Score: 6.63

Matched TTPs:

T1550.003 - Pass the Ticket
T1583.006 - Web Services
T1105 - Ingress Tool Transfer

MITREへのリンク →

BRONZE BUTLER

Score: 4.62

Matched TTPs:

T1550.003 - Pass the Ticket
T1105 - Ingress Tool Transfer

MITREへのリンク →

Kimsuky

Score: 10.56

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1657 - Financial Theft
T1583.006 - Web Services
T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN7

Score: 4.88

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1105 - Ingress Tool Transfer

MITREへのリンク →

ZIRCONIUM

Score: 4.88

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1105 - Ingress Tool Transfer

MITREへのリンク →

Magic Hound

Score: 4.88

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1105 - Ingress Tool Transfer

MITREへのリンク →

Lazarus Group

Score: 12.64

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1105 - Ingress Tool Transfer
T1027.007 - Dynamic API Resolution
T1529 - System Shutdown/Reboot

MITREへのリンク →

Storm-0501

Score: 4.62

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1657 - Financial Theft

MITREへのリンク →

Cinnamon Tempest

Score: 3.30

Matched TTPs:

T1657 - Financial Theft
T1105 - Ingress Tool Transfer

MITREへのリンク →

Scattered Spider

Score: 3.30

Matched TTPs:

T1657 - Financial Theft
T1105 - Ingress Tool Transfer

MITREへのリンク →

Play

Score: 3.30

Matched TTPs:

T1657 - Financial Theft
T1105 - Ingress Tool Transfer

MITREへのリンク →

Mustang Panda

Score: 6.92

Matched TTPs:

T1583.006 - Web Services
T1105 - Ingress Tool Transfer
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT28

Score: 7.33

Matched TTPs:

T1583.006 - Web Services
T1498 - Network Denial of Service
T1105 - Ingress Tool Transfer

MITREへのリンク →

TA2541

Score: 5.94

Matched TTPs:

T1583.006 - Web Services
T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

Gorgon Group

Score: 3.93

Matched TTPs:

T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

Patchwork

Score: 3.93

Matched TTPs:

T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

menuPass

Score: 3.93

Matched TTPs:

T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT37

Score: 4.40

Matched TTPs:

T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Medusa Group

Score: 0.80

Matched TTPs:

T1657 - Financial Theft
T1135 - Network Share Discovery
T1583.006 - Web Services
T1105 - Ingress Tool Transfer
T1608.002 - Upload Tool
T1529 - System Shutdown/Reboot

MITREへのリンク →

Lazarus Group

Score: 0.76

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

Kimsuky

Score: 0.65

Matched TTPs:

T1657 - Financial Theft
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1055.012 - Process Hollowing
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT32

Score: 0.64

Matched TTPs:

T1135 - Network Share Discovery
T1036.004 - Masquerade Task or Service
T1583.006 - Web Services
T1550.003 - Pass the Ticket
T1105 - Ingress Tool Transfer

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る