Trusted Design

China-based Cyber Threat Group Targets Hong Kong Media Outlets

Summary

FireEye Threat Intelligence analysts identified a spear phishing campaign carried out in August 2015 targeting Hong Kong-based media organizations. A China-based cyber threat group, which FireEye tracks as an uncategorized advanced persistent threat (APT) group and other researchers refer to as “admin@338,” may have conducted the activity.[1] The email messages contained malicious documents with a malware payload called LOWBALL. LOWBALL abuses the Dropbox cloud storage service for command and control (CnC). We collaborated with Dropbox to investigate the threat, and our cooperation revealed what may be a second, similar operation. The attack is part of a trend where threat groups hide malicious activity by communicating with legitimate web services such as social networking and cloud storage sites to foil detection efforts.[2][3]

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Contagious Interview

Score: 38.85
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1681 - Search Threat Vendor Data
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1567.002 - Exfiltration to Cloud Storage
  • T1656 - Impersonation
  • T1204.004 - Malicious Copy and Paste
  • T1566.003 - Spearphishing via Service

Ember Bear

Score: 9.82
Matched TTPs:
  • T1491.002 - External Defacement
  • T1119 - Automated Collection
  • T1203 - Exploitation for Client Execution
  • T1567.002 - Exfiltration to Cloud Storage

Sandworm Team

Score: 32.93
Matched TTPs:
  • T1491.002 - External Defacement
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Volt Typhoon

Score: 19.56
Matched TTPs:
  • T1584.008 - Network Devices
  • T1591 - Gather Victim Org Information
  • T1069.001 - Local Groups
  • T1593 - Search Open Websites/Domains
  • T1591.004 - Identify Roles
  • T1124 - System Time Discovery

APT28

Score: 41.03
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1221 - Template Injection
  • T1078.004 - Cloud Accounts
  • T1669 - Wi-Fi Networks
  • T1211 - Exploitation for Defense Evasion

ZIRCONIUM

Score: 19.98
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1567.002 - Exfiltration to Cloud Storage
  • T1598 - Phishing for Information
  • T1124 - System Time Discovery

Leviathan

Score: 21.31
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1585.001 - Social Media Accounts
  • T1203 - Exploitation for Client Execution
  • T1567.002 - Exfiltration to Cloud Storage
  • T1189 - Drive-by Compromise

Kimsuky

Score: 54.01
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1564.002 - Hidden Users
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1566 - Phishing
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1567.002 - Exfiltration to Cloud Storage
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1102.001 - Dead Drop Resolver
  • T1078.003 - Local Accounts

FIN13

Score: 4.62
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft

Moonstone Sleet

Score: 21.39
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1598 - Phishing for Information
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 4.11
Matched TTPs:
  • T1587.001 - Malware
  • T1567.002 - Exfiltration to Cloud Storage

Lazarus Group

Score: 30.80
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1027.007 - Dynamic API Resolution
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

OilRig

Score: 15.74
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1608.001 - Upload Malware
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 10.31
Matched TTPs:
  • T1587.001 - Malware
  • T1681 - Search Threat Vendor Data
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

LuminousMoth

Score: 7.53
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1567.002 - Exfiltration to Cloud Storage

APT29

Score: 23.32
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.003 - Cloud Accounts
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1078.004 - Cloud Accounts
  • T1566.003 - Spearphishing via Service
  • T1078.003 - Local Accounts

Play

Score: 7.28
Matched TTPs:
  • T1587.001 - Malware
  • T1657 - Financial Theft
  • T1078.003 - Local Accounts

Aoqin Dragon

Score: 3.59
Matched TTPs:
  • T1587.001 - Malware
  • T1203 - Exploitation for Client Execution

RedCurl

Score: 9.35
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1199 - Trusted Relationship

Cleaver

Score: 4.44
Matched TTPs:
  • T1587.001 - Malware
  • T1585.001 - Social Media Accounts

Turla

Score: 23.76
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1583.006 - Web Services
  • T1069.001 - Local Groups
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1567.002 - Exfiltration to Cloud Storage
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1078.003 - Local Accounts

Ke3chang

Score: 9.61
Matched TTPs:
  • T1587.001 - Malware
  • T1119 - Automated Collection
  • T1569.002 - Service Execution
  • T1078.004 - Cloud Accounts

Mustang Panda

Score: 27.82
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1203 - Exploitation for Client Execution
  • T1567.002 - Exfiltration to Cloud Storage
  • T1001.003 - Protocol or Service Impersonation
  • T1027.007 - Dynamic API Resolution

TeamTNT

Score: 4.07
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware

FIN7

Score: 27.38
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1567.002 - Exfiltration to Cloud Storage
  • T1591.004 - Identify Roles
  • T1569.002 - Service Execution
  • T1124 - System Time Discovery
  • T1078.003 - Local Accounts

BlackTech

Score: 3.81
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

MuddyWater

Score: 8.22
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Confucius

Score: 13.18
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1567.002 - Exfiltration to Cloud Storage
  • T1221 - Template Injection

Sidewinder

Score: 14.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

Elderwood

Score: 5.58
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Machete

Score: 4.09
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise

Mustard Tempest

Score: 9.72
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning

Transparent Tribe

Score: 5.58
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

APT32

Score: 19.43
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1569.002 - Service Execution
  • T1078.003 - Local Accounts

APT1

Score: 4.51
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection

APT33

Score: 10.88
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1552.006 - Group Policy Preferences
  • T1203 - Exploitation for Client Execution
  • T1078.004 - Cloud Accounts

EXOTIC LILY

Score: 14.50
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Magic Hound

Score: 23.33
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1591.001 - Determine Physical Locations
  • T1566.003 - Spearphishing via Service

Windshift

Score: 6.61
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Cobalt Group

Score: 3.81
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution

TA2541

Score: 6.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

Earth Lusca

Score: 12.83
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1567.002 - Exfiltration to Cloud Storage
  • T1189 - Drive-by Compromise

Storm-1811

Score: 16.08
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1656 - Impersonation
  • T1566.003 - Spearphishing via Service

Wizard Spider

Score: 10.86
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1552.006 - Group Policy Preferences
  • T1567.002 - Exfiltration to Cloud Storage
  • T1569.002 - Service Execution

Patchwork

Score: 13.51
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

TA505

Score: 4.29
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware

LazyScripter

Score: 6.31
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

APT42

Score: 6.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1656 - Impersonation

APT39

Score: 7.12
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1569.002 - Service Execution

Scattered Spider

Score: 26.71
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts
  • T1567.002 - Exfiltration to Cloud Storage
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1078.004 - Cloud Accounts
  • T1213.005 - Messaging Applications

Star Blizzard

Score: 14.55
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts

CURIUM

Score: 16.18
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1584.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 21.34
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1564.002 - Hidden Users
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1221 - Template Injection

Saint Bear

Score: 9.39
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation

Tropic Trooper

Score: 10.37
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection
  • T1078.003 - Local Accounts

FIN6

Score: 7.98
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service

admin@338

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution

BRONZE BUTLER

Score: 10.01
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1102.001 - Dead Drop Resolver

menuPass

Score: 5.81
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1199 - Trusted Relationship

Threat Group-3390

Score: 13.05
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1608.001 - Upload Malware
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1567.002 - Exfiltration to Cloud Storage
  • T1189 - Drive-by Compromise

Gamaredon Group

Score: 20.35
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1102.002 - Bidirectional Communication
  • T1221 - Template Injection

Darkhotel

Score: 6.73
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

BITTER

Score: 4.34
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution

Inception

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1221 - Template Injection

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

RTM

Score: 5.92
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver

APT41

Score: 11.08
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
  • T1569.002 - Service Execution
  • T1102.001 - Dead Drop Resolver

Winter Vivern

Score: 8.45
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1119 - Automated Collection
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

Higaisa

Score: 8.80
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1124 - System Time Discovery

APT12

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Malteiro

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft

SideCopy

Score: 6.47
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment

Andariel

Score: 7.98
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Tonto Team

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution

APT37

Score: 6.53
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Silence

Score: 3.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1569.002 - Service Execution

APT38

Score: 5.04
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1569.002 - Service Execution

DarkHydrus

Score: 4.03
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1221 - Template Injection

The White Company

Score: 4.96
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery

HAFNIUM

Score: 14.55
Matched TTPs:
  • T1119 - Automated Collection
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1567.002 - Exfiltration to Cloud Storage
  • T1078.004 - Cloud Accounts
  • T1078.003 - Local Accounts

Chimera

Score: 12.34
Matched TTPs:
  • T1119 - Automated Collection
  • T1069.001 - Local Groups
  • T1567.002 - Exfiltration to Cloud Storage
  • T1569.002 - Service Execution
  • T1124 - System Time Discovery

BlackByte

Score: 4.37
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1569.002 - Service Execution

HEXANE

Score: 19.12
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1534 - Internal Spearphishing
  • T1069.001 - Local Groups
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1567.002 - Exfiltration to Cloud Storage
  • T1591.004 - Identify Roles

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection

LAPSUS$

Score: 24.15
Matched TTPs:
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1656 - Impersonation
  • T1591.004 - Identify Roles
  • T1078.004 - Cloud Accounts
  • T1213.005 - Messaging Applications

INC Ransom

Score: 8.21
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
  • T1569.002 - Service Execution

Cinnamon Tempest

Score: 4.54
Matched TTPs:
  • T1657 - Financial Theft
  • T1567.002 - Exfiltration to Cloud Storage

Storm-0501

Score: 7.46
Matched TTPs:
  • T1657 - Financial Theft
  • T1567.002 - Exfiltration to Cloud Storage
  • T1078.004 - Cloud Accounts

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing

Akira

Score: 4.54
Matched TTPs:
  • T1657 - Financial Theft
  • T1567.002 - Exfiltration to Cloud Storage

Medusa Group

Score: 15.82
Matched TTPs:
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1567.002 - Exfiltration to Cloud Storage
  • T1569.002 - Service Execution
  • T1218.014 - MMC

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts

POLONIUM

Score: 9.17
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1102.002 - Bidirectional Communication
  • T1567.002 - Exfiltration to Cloud Storage

GOLD SOUTHFIELD

Score: 6.03
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1566 - Phishing

Sea Turtle

Score: 10.19
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1078.003 - Local Accounts

Axiom

Score: 11.08
Matched TTPs:
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography

Fox Kitten

Score: 6.19
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1213.005 - Messaging Applications

ToddyCat

Score: 4.54
Matched TTPs:
  • T1567.002 - Exfiltration to Cloud Storage
  • T1566.003 - Spearphishing via Service

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

PROMETHIUM

Score: 4.43
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1078.003 - Local Accounts

Velvet Ant

Score: 9.20
Matched TTPs:
  • T1569.002 - Service Execution
  • T1078.003 - Local Accounts
  • T1211 - Exploitation for Defense Evasion

Rocke

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.84
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1566.002 - Spearphishing Link
  • T1102.002 - Bidirectional Communication
  • T1608.001 - Upload Malware
  • T1598.003 - Spearphishing Link
  • T1598 - Phishing for Information
  • T1591 - Gather Victim Org Information
  • T1566.001 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1567.002 - Exfiltration to Cloud Storage
  • T1583.006 - Web Services
  • T1657 - Financial Theft
  • T1102.001 - Dead Drop Resolver
  • T1078.003 - Local Accounts
  • T1656 - Impersonation
  • T1566 - Phishing
  • T1587.001 - Malware
  • T1564.002 - Hidden Users
  • T1534 - Internal Spearphishing

APT28

Score: 0.68
Matched TTPs:
  • T1119 - Automated Collection
  • T1598.003 - Spearphishing Link
  • T1199 - Trusted Relationship
  • T1598 - Phishing for Information
  • T1584.008 - Network Devices
  • T1591 - Gather Victim Org Information
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1211 - Exploitation for Defense Evasion
  • T1078.004 - Cloud Accounts
  • T1102.002 - Bidirectional Communication
  • T1566.001 - Spearphishing Attachment
  • T1221 - Template Injection
  • T1669 - Wi-Fi Networks
  • T1189 - Drive-by Compromise

Contagious Interview

Score: 0.62
Matched TTPs:
  • T1593 - Search Open Websites/Domains
  • T1681 - Search Threat Vendor Data
  • T1585.001 - Social Media Accounts
  • T1567.002 - Exfiltration to Cloud Storage
  • T1583.006 - Web Services
  • T1593.001 - Social Media
  • T1204.004 - Malicious Copy and Paste
  • T1657 - Financial Theft
  • T1656 - Impersonation
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1588.007 - Artificial Intelligence
  • T1566.003 - Spearphishing via Service

Sandworm Team

Score: 0.57
Matched TTPs:
  • T1591.002 - Business Relationships
  • T1598.003 - Spearphishing Link
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts
  • T1592.002 - Software
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1566.002 - Spearphishing Link
  • T1102.002 - Bidirectional Communication
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1491.002 - External Defacement

Lazarus Group

Score: 0.55
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1001.003 - Protocol or Service Impersonation
  • T1027.007 - Dynamic API Resolution
  • T1591 - Gather Victim Org Information
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1124 - System Time Discovery
  • T1566.002 - Spearphishing Link
  • T1102.002 - Bidirectional Communication
  • T1587.001 - Malware
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Related CVEs

No CVEs were found for this Pulse.
