Trusted Design

New Targeted Attack Group Buys BIFROSE Code, Works in Teams

Overview

Recently, Trend Micro uncovered a new cyber-espionage attack by a well-funded and organized group targeting companies close to governments and in key industries, mostly in Asia. These targets include privatized government agencies and government contractors, as well as companies in the consumer electronics, computer, healthcare, and financial industries. This group has been active since 2010. We dub this operation Shrouded Crossbow, after a mutex in a backdoor the group developed. Our research indicates that the group has sufficient financial resources to purchase the source code of a widely available malware tool, and the human resources to design improved versions of its own backdoors based on this.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 8.75
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1131 - Authentication Package
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship

FIN13

Score: 7.81
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Moonstone Sleet

Score: 7.55
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1573 - Encrypted Channel
  • T1547.008 - LSASS Driver

Lazarus Group

Score: 9.60
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1199 - Trusted Relationship
  • T1055.005 - Thread Local Storage
  • T1547.008 - LSASS Driver

Contagious Interview

Score: 11.28
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1131 - Authentication Package
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1547.008 - LSASS Driver

OilRig

Score: 9.31
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1005 - Data from Local System
  • T1199 - Trusted Relationship
  • T1547.008 - LSASS Driver

UNC3886

Score: 4.55
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1136.002 - Domain Account

LuminousMoth

Score: 5.40
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

Sandworm Team

Score: 12.06
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1005 - Data from Local System
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1548.006 - TCC Manipulation

APT29

Score: 9.09
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1199 - Trusted Relationship
  • T1683 - Generate Content
  • T1547.008 - LSASS Driver

Play

Score: 5.47
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship

Turla

Score: 8.69
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1131 - Authentication Package
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

Ke3chang

Score: 5.29
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Mustang Panda

Score: 9.42
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1199 - Trusted Relationship
  • T1055.005 - Thread Local Storage
  • T1548.006 - TCC Manipulation

FIN7

Score: 10.41
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1011.001 - Exfiltration Over Bluetooth
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel

Ember Bear

Score: 6.30
Matched TTPs:
  • T1005 - Data from Local System
  • T1136.002 - Domain Account

APT38

Score: 5.39
Matched TTPs:
  • T1503 - Credentials from Web Browsers
  • T1199 - Trusted Relationship

Medusa Group

Score: 9.85
Matched TTPs:
  • T1218.003 - CMSTP
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Threat Group-3390

Score: 7.91
Matched TTPs:
  • T1218.003 - CMSTP
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel

SilverTerrier

Score: 5.81
Matched TTPs:
  • T1131 - Authentication Package
  • T1552.003 - Shell History

APT32

Score: 4.13
Matched TTPs:
  • T1131 - Authentication Package
  • T1199 - Trusted Relationship

APT28

Score: 6.48
Matched TTPs:
  • T1131 - Authentication Package
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

TA2541

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

LAPSUS$

Score: 5.65
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Metador

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

APT1

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

Aquatic Panda

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

Andariel

Score: 5.49
Matched TTPs:
  • T1136.002 - Domain Account
  • T1562.011 - Spoof Security Alerting

TA505

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

Earth Lusca

Score: 6.34
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
  • T1562.011 - Spoof Security Alerting

BackdoorDiplomacy

Score: 3.31
Matched TTPs:
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship

Scattered Spider

Score: 8.17
Matched TTPs:
  • T1136.002 - Domain Account
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

INC Ransom

Score: 3.37
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship

Cinnamon Tempest

Score: 3.37
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship

APT33

Score: 4.98
Matched TTPs:
  • T1567.001 - Exfiltration to Code Repository
  • T1199 - Trusted Relationship

Wizard Spider

Score: 7.32
Matched TTPs:
  • T1567.001 - Exfiltration to Code Repository
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Magic Hound

Score: 6.99
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1683 - Generate Content
  • T1547.008 - LSASS Driver

BITTER

Score: 4.47
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1683 - Generate Content

MuddyWater

Score: 7.50
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1562.011 - Spoof Security Alerting
  • T1059.013 - Container CLI/API

Storm-1811

Score: 3.37
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1547.008 - LSASS Driver

BRONZE BUTLER

Score: 3.88
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1562.011 - Spoof Security Alerting

menuPass

Score: 3.19
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

APT41

Score: 6.12
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1548.006 - TCC Manipulation

FIN6

Score: 5.71
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation
  • T1547.008 - LSASS Driver

Sea Turtle

Score: 4.47
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1059.013 - Container CLI/API

Cobalt Group

Score: 3.78
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel

Dragonfly

Score: 6.12
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573 - Encrypted Channel
  • T1548.006 - TCC Manipulation

Gamaredon Group

Score: 4.47
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1059.013 - Container CLI/API

Chimera

Score: 3.19
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Volt Typhoon

Score: 3.19
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

Tropic Trooper

Score: 6.66
Matched TTPs:
  • T1683 - Generate Content
  • T1562.011 - Spoof Security Alerting

APT37

Score: 3.03
Matched TTPs:
  • T1562.011 - Spoof Security Alerting

TA551

Score: 3.03
Matched TTPs:
  • T1562.011 - Spoof Security Alerting

Leviathan

Score: 3.03
Matched TTPs:
  • T1562.011 - Spoof Security Alerting

Rocke

Score: 3.62
Matched TTPs:
  • T1059.013 - Container CLI/API

Mustard Tempest

Score: 4.54
Matched TTPs:
  • T1543.002 - Systemd Service

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.82
Matched TTPs:
  • T1548.006 - TCC Manipulation
  • T1606.002 - SAML Tokens
  • T1005 - Data from Local System
  • T1573 - Encrypted Channel
  • T1199 - Trusted Relationship

FIN7

Score: 0.79
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1011.001 - Exfiltration Over Bluetooth

Contagious Interview

Score: 0.74
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1552.003 - Shell History
  • T1131 - Authentication Package
  • T1547.008 - LSASS Driver
  • T1199 - Trusted Relationship

Medusa Group

Score: 0.73
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation
  • T1218.003 - CMSTP

Lazarus Group

Score: 0.70
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1055.005 - Thread Local Storage
  • T1547.008 - LSASS Driver

Turla

Score: 0.66
Matched TTPs:
  • T1136.002 - Domain Account
  • T1606.002 - SAML Tokens
  • T1199 - Trusted Relationship
  • T1131 - Authentication Package

OilRig

Score: 0.66
Matched TTPs:
  • T1005 - Data from Local System
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1547.008 - LSASS Driver

APT29

Score: 0.65
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1683 - Generate Content
  • T1547.008 - LSASS Driver

Mustang Panda

Score: 0.65
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1055.005 - Thread Local Storage
  • T1548.006 - TCC Manipulation

Kimsuky

Score: 0.62
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1131 - Authentication Package

Threat Group-3390

Score: 0.62
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1199 - Trusted Relationship
  • T1218.003 - CMSTP

Scattered Spider

Score: 0.61
Matched TTPs:
  • T1552.003 - Shell History
  • T1136.002 - Domain Account
  • T1199 - Trusted Relationship
  • T1548.006 - TCC Manipulation

FIN13

Score: 0.61
Matched TTPs:
  • T1552.003 - Shell History
  • T1199 - Trusted Relationship
  • T1606.002 - SAML Tokens
  • T1548.006 - TCC Manipulation

Wizard Spider

Score: 0.58
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1567.001 - Exfiltration to Code Repository
  • T1548.006 - TCC Manipulation

Moonstone Sleet

Score: 0.58
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1606.002 - SAML Tokens
  • T1547.008 - LSASS Driver

MuddyWater

Score: 0.58
Matched TTPs:
  • T1059.013 - Container CLI/API
  • T1199 - Trusted Relationship
  • T1562.011 - Spoof Security Alerting

Related CVEs

No CVEs were found for this Pulse.
