Trusted Design

New Attacks Linked to C0d0s0 Group

概要

Unit 42 discovered new activity that appears related to an adversary group previously called “C0d0so0” or “Codoso”. This group is well known for a widely publicized attack involving the compromise of Forbes.com, in which the site was used to compromise selected targets via a watering hole to a zero-day Adobe Flash exploit. Compared to other adversary groups, C0d0so0 has shown the use of more sophisticated tactics and tools and has been linked to leveraging zero-day exploits on numerous occasions in combination with watering hole and spear phishing attacks. In the newly discovered attack campaign, Unit 42 identified attacks targeting organizations within the telecommunications, high tech, education, manufacturing, and legal services industries. The attacks likely were initially delivered via spear-phishing e-mails, or as demonstrated by C0d0so0 in the past, legitimate websites that had been previously compromised then used as watering holes for the selected victims.

Created: 2026-02-23

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Volt Typhoon

Score: 55.66
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1584.008 - Network Devices
  • T1069 - Permission Groups Discovery
  • T1594 - Search Victim-Owned Websites
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1589.002 - Email Addresses
  • T1590.006 - Network Security Appliances
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1069.001 - Local Groups
  • T1593 - Search Open Websites/Domains
  • T1591.004 - Identify Roles
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
MITREへのリンク →

LAPSUS$

Score: 38.81
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1586.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1204 - User Execution
  • T1199 - Trusted Relationship
  • T1589.001 - Credentials
  • T1656 - Impersonation
  • T1591.004 - Identify Roles
  • T1578.002 - Create Cloud Instance
MITREへのリンク →

Contagious Interview

Score: 45.69
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1656 - Impersonation
  • T1204.004 - Malicious Copy and Paste
  • T1587 - Develop Capabilities
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Ember Bear

Score: 17.26
Matched TTPs:
  • T1491.002 - External Defacement
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1203 - Exploitation for Client Execution
  • T1588.005 - Exploits
MITREへのリンク →

Sandworm Team

Score: 68.81
Matched TTPs:
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1591.002 - Business Relationships
  • T1589.003 - Employee Names
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1584.004 - Server
  • T1590.001 - Domain Properties
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Andariel

Score: 12.60
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1566.001 - Spearphishing Attachment
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Magic Hound

Score: 44.16
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1591.001 - Determine Physical Locations
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
  • T1584.001 - Domains
MITREへのリンク →

HAFNIUM

Score: 25.38
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1190 - Exploit Public-Facing Application
  • T1589.002 - Email Addresses
  • T1592.004 - Client Configurations
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
  • T1199 - Trusted Relationship
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

APT41

Score: 30.06
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1069 - Permission Groups Discovery
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1656 - Impersonation
  • T1105 - Ingress Tool Transfer
  • T1596.005 - Scan Databases
  • T1008 - Fallback Channels
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

TA551

Score: 10.49
Matched TTPs:
  • T1568.002 - Domain Generation Algorithms
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1589.002 - Email Addresses
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

APT28

Score: 50.72
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1557.004 - Evil Twin
  • T1596 - Search Open Technical Databases
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

ZIRCONIUM

Score: 21.22
Matched TTPs:
  • T1584.008 - Network Devices
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Leviathan

Score: 37.44
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Mustard Tempest

Score: 19.68
Matched TTPs:
  • T1583.008 - Malvertising
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
  • T1608.006 - SEO Poisoning
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1584.001 - Domains
MITREへのリンク →

Scattered Spider

Score: 29.43
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1598.004 - Spearphishing Voice
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1578.002 - Create Cloud Instance
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

TA505

Score: 11.23
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

APT3

Score: 8.36
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1566.002 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN13

Score: 16.18
Matched TTPs:
  • T1069 - Permission Groups Discovery
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Silent Librarian

Score: 19.76
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1589.003 - Employee Names
  • T1608.005 - Link Target
MITREへのリンク →

Kimsuky

Score: 85.68
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1596 - Search Open Technical Databases
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1593.002 - Search Engines
  • T1589.003 - Employee Names
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1566 - Phishing
  • T1055.012 - Process Hollowing
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1656 - Impersonation
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1587 - Develop Capabilities
  • T1204.001 - Malicious Link
  • T1588.005 - Exploits
  • T1102.001 - Dead Drop Resolver
  • T1584.001 - Domains
MITREへのリンク →

EXOTIC LILY

Score: 30.19
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1102 - Web Service
  • T1597 - Search Closed Sources
  • T1593.001 - Social Media
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

TA578

Score: 6.66
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
MITREへのリンク →

Moonstone Sleet

Score: 27.60
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1587 - Develop Capabilities
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Indrik Spider

Score: 11.84
Matched TTPs:
  • T1587.001 - Malware
  • T1585.002 - Email Accounts
  • T1590 - Gather Victim Network Information
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Lazarus Group

Score: 43.09
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1008 - Fallback Channels
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

OilRig

Score: 32.10
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1008 - Fallback Channels
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

UNC3886

Score: 12.63
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1203 - Exploitation for Client Execution
  • T1008 - Fallback Channels
MITREへのリンク →

LuminousMoth

Score: 11.50
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1608.005 - Link Target
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Salt Typhoon

Score: 7.41
Matched TTPs:
  • T1587.001 - Malware
  • T1590.004 - Network Topology
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

APT29

Score: 19.46
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Play

Score: 6.87
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Aoqin Dragon

Score: 5.78
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

RedCurl

Score: 13.79
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1199 - Trusted Relationship
  • T1573.002 - Asymmetric Cryptography
  • T1204.001 - Malicious Link
MITREへのリンク →

Moses Staff

Score: 4.34
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Turla

Score: 23.98
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1069.001 - Local Groups
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Ke3chang

Score: 4.34
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Mustang Panda

Score: 39.28
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1102 - Web Service
  • T1608 - Stage Capabilities
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link
MITREへのリンク →

TeamTNT

Score: 11.07
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

FIN7

Score: 30.12
Matched TTPs:
  • T1587.001 - Malware
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1608.005 - Link Target
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1008 - Fallback Channels
MITREへのリンク →

BlackTech

Score: 6.64
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1203 - Exploitation for Client Execution
  • T1204.001 - Malicious Link
MITREへのリンク →

MuddyWater

Score: 11.83
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Confucius

Score: 7.96
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Mofang

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
MITREへのリンク →

Sidewinder

Score: 12.03
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Elderwood

Score: 7.72
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Machete

Score: 5.45
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
MITREへのリンク →

Transparent Tribe

Score: 11.74
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1204.001 - Malicious Link
  • T1584.001 - Domains
MITREへのリンク →

Evilnum

Score: 3.58
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN8

Score: 9.73
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

APT32

Score: 22.91
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1589.002 - Email Addresses
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

APT1

Score: 9.41
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1584.001 - Domains
MITREへのリンク →

APT33

Score: 10.08
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1552.006 - Group Policy Preferences
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Molerats

Score: 4.46
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Windshift

Score: 10.93
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Cobalt Group

Score: 8.70
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

FIN4

Score: 3.68
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1204.001 - Malicious Link
MITREへのリンク →

TA2541

Score: 15.86
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1055.012 - Process Hollowing
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Earth Lusca

Score: 18.00
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1204.001 - Malicious Link
MITREへのリンク →

Storm-1811

Score: 20.56
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1566.004 - Spearphishing Voice
  • T1667 - Email Bombing
  • T1656 - Impersonation
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Wizard Spider

Score: 10.88
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1552.006 - Group Policy Preferences
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

TA577

Score: 5.47
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1204.001 - Malicious Link
MITREへのリンク →

Patchwork

Score: 16.61
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1055.012 - Process Hollowing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

LazyScripter

Score: 14.67
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

APT42

Score: 15.53
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1656 - Impersonation
MITREへのリンク →

APT39

Score: 8.33
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Star Blizzard

Score: 18.68
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
MITREへのリンク →

CURIUM

Score: 15.05
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dragonfly

Score: 20.66
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Saint Bear

Score: 13.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1589.002 - Email Addresses
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1656 - Impersonation
  • T1204.001 - Malicious Link
MITREへのリンク →

Tropic Trooper

Score: 5.89
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

FIN6

Score: 8.67
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

admin@338

Score: 5.52
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

BRONZE BUTLER

Score: 10.38
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

menuPass

Score: 12.72
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1199 - Trusted Relationship
  • T1055.012 - Process Hollowing
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Threat Group-3390

Score: 19.90
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1608.002 - Upload Tool
  • T1199 - Trusted Relationship
  • T1055.012 - Process Hollowing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Gamaredon Group

Score: 29.57
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1102 - Web Service
  • T1583.006 - Web Services
  • T1491.001 - Internal Defacement
  • T1102.003 - One-Way Communication
  • T1534 - Internal Spearphishing
  • T1001 - Data Obfuscation
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Darkhotel

Score: 4.91
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

BITTER

Score: 6.64
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Inception

Score: 4.89
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102 - Web Service
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Ajax Security Team

Score: 4.17
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

RTM

Score: 5.92
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

Winter Vivern

Score: 13.57
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

Higaisa

Score: 6.21
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
MITREへのリンク →

Gorgon Group

Score: 4.80
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055.012 - Process Hollowing
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

APT12

Score: 4.77
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Malteiro

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1657 - Financial Theft
MITREへのリンク →

SideCopy

Score: 10.53
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1584.001 - Domains
MITREへのリンク →

Nomadic Octopus

Score: 3.84
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Tonto Team

Score: 6.30
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1069.001 - Local Groups
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

APT37

Score: 7.31
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

IndigoZebra

Score: 7.85
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1583.001 - Domains
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

APT38

Score: 6.29
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1583.001 - Domains
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

PLATINUM

Score: 5.60
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1036 - Masquerading
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

HEXANE

Score: 24.54
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1589.002 - Email Addresses
  • T1534 - Internal Spearphishing
  • T1069.001 - Local Groups
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

BlackByte

Score: 11.22
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1491.001 - Internal Defacement
  • T1055.012 - Process Hollowing
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Rocke

Score: 8.05
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1105 - Ingress Tool Transfer
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

GOLD SOUTHFIELD

Score: 7.50
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1199 - Trusted Relationship
  • T1566 - Phishing
MITREへのリンク →

Medusa Group

Score: 20.49
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1585.002 - Email Accounts
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1573.002 - Asymmetric Cryptography
  • T1650 - Acquire Access
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Sea Turtle

Score: 10.51
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1583.001 - Domains
  • T1199 - Trusted Relationship
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Storm-0501

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
MITREへのリンク →

Fox Kitten

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1102 - Web Service
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Cinnamon Tempest

Score: 4.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Agrius

Score: 3.66
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
MITREへのリンク →

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Volatile Cedar

Score: 6.38
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

INC Ransom

Score: 8.05
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1657 - Financial Theft
  • T1566 - Phishing
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Axiom

Score: 16.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1566 - Phishing
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1001.002 - Steganography
MITREへのリンク →

RedEcho

Score: 4.26
Matched TTPs:
  • T1583.001 - Domains
  • T1573.002 - Asymmetric Cryptography
MITREへのリンク →

MoustachedBouncer

Score: 4.54
Matched TTPs:
  • T1659 - Content Injection
MITREへのリンク →

AppleJeus

Score: 5.81
Matched TTPs:
  • T1657 - Financial Theft
  • T1566 - Phishing
MITREへのリンク →

POLONIUM

Score: 7.16
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1102.002 - Bidirectional Communication
MITREへのリンク →

Chimera

Score: 7.37
Matched TTPs:
  • T1069.001 - Local Groups
  • T1589.001 - Credentials
  • T1105 - Ingress Tool Transfer
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Daggerfly

Score: 6.74
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.81
Matched TTPs:
  • T1055.012 - Process Hollowing
  • T1584.001 - Domains
  • T1608.001 - Upload Malware
  • T1534 - Internal Spearphishing
  • T1596 - Search Open Technical Databases
  • T1588.005 - Exploits
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1566 - Phishing
  • T1594 - Search Victim-Owned Websites
  • T1589.002 - Email Addresses
  • T1566.002 - Spearphishing Link
  • T1591 - Gather Victim Org Information
  • T1190 - Exploit Public-Facing Application
  • T1587 - Develop Capabilities
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1204.001 - Malicious Link
  • T1656 - Impersonation
  • T1657 - Financial Theft
  • T1566.001 - Spearphishing Attachment
  • T1593.001 - Social Media
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1593.002 - Search Engines
  • T1586.002 - Email Accounts
  • T1598 - Phishing for Information
  • T1102.001 - Dead Drop Resolver
  • T1589.003 - Employee Names
MITREへのリンク →

Sandworm Team

Score: 0.71
Matched TTPs:
  • T1491.002 - External Defacement
  • T1608.001 - Upload Malware
  • T1586.001 - Social Media Accounts
  • T1195 - Supply Chain Compromise
  • T1203 - Exploitation for Client Execution
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1584.004 - Server
  • T1583.001 - Domains
  • T1585.002 - Email Accounts
  • T1594 - Search Victim-Owned Websites
  • T1589.002 - Email Addresses
  • T1590.001 - Domain Properties
  • T1036 - Masquerading
  • T1591.002 - Business Relationships
  • T1566.002 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1204.001 - Malicious Link
  • T1199 - Trusted Relationship
  • T1566.001 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1592.002 - Software
  • T1589.003 - Employee Names
MITREへのリンク →

Volt Typhoon

Score: 0.57
Matched TTPs:
  • T1590 - Gather Victim Network Information
  • T1591 - Gather Victim Org Information
  • T1069.001 - Local Groups
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1069 - Permission Groups Discovery
  • T1596.005 - Scan Databases
  • T1105 - Ingress Tool Transfer
  • T1592 - Gather Victim Host Information
  • T1584.004 - Server
  • T1584.008 - Network Devices
  • T1590.006 - Network Security Appliances
  • T1590.004 - Network Topology
  • T1594 - Search Victim-Owned Websites
  • T1589.002 - Email Addresses
  • T1593 - Search Open Websites/Domains
  • T1591.004 - Identify Roles
MITREへのリンク →

APT28

Score: 0.57
Matched TTPs:
  • T1596 - Search Open Technical Databases
  • T1203 - Exploitation for Client Execution
  • T1598.003 - Spearphishing Link
  • T1557.004 - Evil Twin
  • T1583.001 - Domains
  • T1036 - Masquerading
  • T1591 - Gather Victim Org Information
  • T1190 - Exploit Public-Facing Application
  • T1498 - Network Denial of Service
  • T1583.006 - Web Services
  • T1589.001 - Credentials
  • T1204.001 - Malicious Link
  • T1199 - Trusted Relationship
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1102.002 - Bidirectional Communication
  • T1586.002 - Email Accounts
  • T1584.008 - Network Devices
  • T1598 - Phishing for Information
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る