Trusted Design

ANGLER EK PUSHES BEDEP AND NECURS

概要

"We’re seeing another uptick in WordPress compromises, using a slightly different modus operandi than the EITest campaign we recently blogged about, being responsible for a large number of infections via the Angler exploit kit. The website of popular magazine Reader’s Digest is one of the victims of this campaign and people who have visited the portal recently should make sure they have not been infected. The payload we observed at the time of capture was Bedep which loaded Necurs a backdoor Trojan, but that of course can change from day to day."

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

BEDEP LURKING IN ANGLER'S SHADOWS (score: 0.77)
ISC 2016-04-23: Angler Exploit Kit, Bedep, and CryptXXX (score: 0.70)
Angler EK installs bedep, vawtrak and POS malware (score: 0.69)
Ongoing Angler Exploit Kit and Bedep Fraud Campaign (score: 0.69)
Bedep Ad-Fraud Botnet Analysis (score: 0.68)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 9.76

Matched TTPs:

T1491.002 - External Defacement
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Sandworm Team

Score: 8.46

Matched TTPs:

T1491.002 - External Defacement
T1203 - Exploitation for Client Execution
T1584.004 - Server

MITREへのリンク →

Mustard Tempest

Score: 9.34

Matched TTPs:

T1583.008 - Malvertising
T1608.004 - Drive-by Target
T1189 - Drive-by Compromise

MITREへのリンク →

Transparent Tribe

Score: 6.29

Matched TTPs:

T1608.004 - Drive-by Target
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

LuminousMoth

Score: 3.03

Matched TTPs:

T1608.004 - Drive-by Target

MITREへのリンク →

Dragonfly

Score: 9.13

Matched TTPs:

T1608.004 - Drive-by Target
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1584.004 - Server

MITREへのリンク →

CURIUM

Score: 7.39

Matched TTPs:

T1608.004 - Drive-by Target
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

APT32

Score: 10.14

Matched TTPs:

T1608.004 - Drive-by Target
T1550.003 - Pass the Ticket
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

FIN7

Score: 5.63

Matched TTPs:

T1608.004 - Drive-by Target
T1124 - System Time Discovery

MITREへのリンク →

Threat Group-3390

Score: 6.29

Matched TTPs:

T1608.004 - Drive-by Target
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1659 - Content Injection

MITREへのリンク →

Fox Kitten

Score: 3.29

Matched TTPs:

T1217 - Browser Information Discovery

MITREへのリンク →

Volt Typhoon

Score: 8.71

Matched TTPs:

T1217 - Browser Information Discovery
T1584.004 - Server
T1124 - System Time Discovery

MITREへのリンク →

APT38

Score: 5.05

Matched TTPs:

T1217 - Browser Information Discovery
T1189 - Drive-by Compromise

MITREへのリンク →

Scattered Spider

Score: 7.13

Matched TTPs:

T1217 - Browser Information Discovery
T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

Moonstone Sleet

Score: 3.29

Matched TTPs:

T1217 - Browser Information Discovery

MITREへのリンク →

Chimera

Score: 5.88

Matched TTPs:

T1217 - Browser Information Discovery
T1124 - System Time Discovery

MITREへのリンク →

Winter Vivern

Score: 6.30

Matched TTPs:

T1056.003 - Web Portal Capture
T1189 - Drive-by Compromise

MITREへのリンク →

APT29

Score: 9.18

Matched TTPs:

T1550.003 - Pass the Ticket
T1621 - Multi-Factor Authentication Request Generation
T1203 - Exploitation for Client Execution

MITREへのリンク →

BRONZE BUTLER

Score: 9.70

Matched TTPs:

T1550.003 - Pass the Ticket
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

LAPSUS$

Score: 3.84

Matched TTPs:

T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

Gamaredon Group

Score: 4.54

Matched TTPs:

T1001 - Data Obfuscation

MITREへのリンク →

APT42

Score: 3.84

Matched TTPs:

T1056 - Input Capture

MITREへのリンク →

Storm-1811

Score: 3.84

Matched TTPs:

T1056 - Input Capture

MITREへのリンク →

APT39

Score: 3.84

Matched TTPs:

T1056 - Input Capture

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

APT28

Score: 7.80

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1137.002 - Office Test

MITREへのリンク →

Andariel

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Lazarus Group

Score: 12.82

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1584.004 - Server
T1027.007 - Dynamic API Resolution
T1124 - System Time Discovery

MITREへのリンク →

Patchwork

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Axiom

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Higaisa

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Leviathan

Score: 6.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1584.004 - Server

MITREへのリンク →

APT37

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Mustang Panda

Score: 5.63

Matched TTPs:

T1203 - Exploitation for Client Execution
T1027.007 - Dynamic API Resolution

MITREへのリンク →

UNC3886

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Darkhotel

Score: 5.85

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

OilRig

Score: 6.03

Matched TTPs:

T1203 - Exploitation for Client Execution
T1137.004 - Outlook Home Page

MITREへのリンク →

Earth Lusca

Score: 4.60

Matched TTPs:

T1189 - Drive-by Compromise
T1584.004 - Server

MITREへのリンク →

Turla

Score: 7.19

Matched TTPs:

T1189 - Drive-by Compromise
T1584.004 - Server
T1124 - System Time Discovery

MITREへのリンク →

Daggerfly

Score: 4.60

Matched TTPs:

T1189 - Drive-by Compromise
T1584.004 - Server

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Kimsuky

Score: 4.13

Matched TTPs:

T1588.005 - Exploits

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.79

Matched TTPs:

T1027.007 - Dynamic API Resolution
T1189 - Drive-by Compromise
T1203 - Exploitation for Client Execution
T1584.004 - Server
T1124 - System Time Discovery

MITREへのリンク →

APT32

Score: 0.69

Matched TTPs:

T1608.004 - Drive-by Target
T1550.003 - Pass the Ticket
T1189 - Drive-by Compromise
T1203 - Exploitation for Client Execution

MITREへのリンク →

Mustard Tempest

Score: 0.63

Matched TTPs:

T1608.004 - Drive-by Target
T1189 - Drive-by Compromise
T1583.008 - Malvertising

MITREへのリンク →

Ember Bear

Score: 0.61

Matched TTPs:

T1491.002 - External Defacement
T1588.005 - Exploits
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT29

Score: 0.60

Matched TTPs:

T1203 - Exploitation for Client Execution
T1550.003 - Pass the Ticket
T1621 - Multi-Factor Authentication Request Generation

MITREへのリンク →

BRONZE BUTLER

Score: 0.59

Matched TTPs:

T1124 - System Time Discovery
T1550.003 - Pass the Ticket
T1189 - Drive-by Compromise
T1203 - Exploitation for Client Execution

MITREへのリンク →

Dragonfly

Score: 0.59

Matched TTPs:

T1584.004 - Server
T1608.004 - Drive-by Target
T1189 - Drive-by Compromise
T1203 - Exploitation for Client Execution

MITREへのリンク →

Sandworm Team

Score: 0.59

Matched TTPs:

T1584.004 - Server
T1491.002 - External Defacement
T1203 - Exploitation for Client Execution

MITREへのリンク →

Volt Typhoon

Score: 0.56

Matched TTPs:

T1124 - System Time Discovery
T1584.004 - Server
T1217 - Browser Information Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る