Trusted Design

BlackEnergy APT Attacks in Ukraine employ spearphishing Word

概要

Late last year, a wave of cyber-attacks hit several critical sectors in Ukraine. Widely discussed in the media, the attacks took advantage of known BlackEnergy Trojans as well as several new modules. BlackEnergy is a Trojan that was created by a hacker known as Cr4sh. In 2007, he reportedly stopped working on it and sold the source code for an estimated $700. The source code appears to have been picked by one or more threat actors and was used to conduct DDoS attacks against Georgia in 2008. These unknown actors continued launching DDoS attacks over the next few years. Around 2014, a specific user group of BlackEnergy attackers came to our attention when they began deploying SCADA-related plugins to victims in the ICS and energy sectors around the world. This indicated a unique skillset, well above the average DDoS botnet master.

Created: 2026-02-23

Indicators

類似Pulses

BlackEnergy by the SSHBearDoor (score: 0.79)
Domains and Hostnames from the BlackEnergy report (score: 0.75)
Updated BlackEnergy Trojan Grows More Powerful (McAfee) (score: 0.74)
BlackEnergy Malware (score: 0.73)
New wave of cyberattacks against Ukrainian power industry (score: 0.71)

このPulseに関連する脅威アクター (事実ベース)

Mustard Tempest

Score: 6.51

Matched TTPs:

T1583.008 - Malvertising
T1608.001 - Upload Malware

MITREへのリンク →

Medusa Group

Score: 12.37

Matched TTPs:

T1489 - Service Stop
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1585.001 - Social Media Accounts
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Lazarus Group

Score: 12.14

Matched TTPs:

T1489 - Service Stop
T1587.001 - Malware
T1585.001 - Social Media Accounts
T1203 - Exploitation for Client Execution
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Sandworm Team

Score: 27.59

Matched TTPs:

T1489 - Service Stop
T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1585.001 - Social Media Accounts
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution
T1499 - Endpoint Denial of Service

MITREへのリンク →

LAPSUS$

Score: 3.29

Matched TTPs:

T1489 - Service Stop

MITREへのリンク →

Wizard Spider

Score: 10.35

Matched TTPs:

T1489 - Service Stop
T1552.006 - Group Policy Preferences
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Indrik Spider

Score: 9.23

Matched TTPs:

T1489 - Service Stop
T1587.001 - Malware
T1136 - Create Account

MITREへのリンク →

Kimsuky

Score: 17.97

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1585.001 - Social Media Accounts
T1598 - Phishing for Information
T1588.005 - Exploits

MITREへのリンク →

FIN13

Score: 6.09

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Moonstone Sleet

Score: 12.78

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1585.001 - Social Media Accounts
T1195.002 - Compromise Software Supply Chain
T1598 - Phishing for Information

MITREへのリンク →

Contagious Interview

Score: 13.06

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1681 - Search Threat Vendor Data
T1657 - Financial Theft
T1585.001 - Social Media Accounts

MITREへのリンク →

OilRig

Score: 12.15

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

UNC3886

Score: 9.19

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1681 - Search Threat Vendor Data
T1203 - Exploitation for Client Execution

MITREへのリンク →

LuminousMoth

Score: 4.07

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware

MITREへのリンク →

Salt Typhoon

Score: 7.41

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1136 - Create Account

MITREへのリンク →

APT29

Score: 8.68

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution

MITREへのリンク →

Play

Score: 6.09

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Aoqin Dragon

Score: 3.59

Matched TTPs:

T1587.001 - Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

RedCurl

Score: 4.84

Matched TTPs:

T1587.001 - Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Cleaver

Score: 4.44

Matched TTPs:

T1587.001 - Malware
T1585.001 - Social Media Accounts

MITREへのリンク →

Moses Staff

Score: 3.57

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Turla

Score: 5.02

Matched TTPs:

T1587.001 - Malware
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Ke3chang

Score: 7.41

Matched TTPs:

T1587.001 - Malware
T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Mustang Panda

Score: 5.56

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

TeamTNT

Score: 8.61

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1610 - Deploy Container

MITREへのリンク →

FIN7

Score: 8.47

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1195.002 - Compromise Software Supply Chain

MITREへのリンク →

HAFNIUM

Score: 13.07

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1550.001 - Application Access Token

MITREへのリンク →

APT5

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

TA2541

Score: 4.72

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Earth Lusca

Score: 3.44

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Gamaredon Group

Score: 6.51

Matched TTPs:

T1608.001 - Upload Malware
T1001 - Data Obfuscation

MITREへのリンク →

Star Blizzard

Score: 4.31

Matched TTPs:

T1608.001 - Upload Malware
T1585.001 - Social Media Accounts

MITREへのリンク →

Threat Group-3390

Score: 7.86

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA505

Score: 4.90

Matched TTPs:

T1608.001 - Upload Malware
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

BlackByte

Score: 3.44

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

BITTER

Score: 7.09

Matched TTPs:

T1608.001 - Upload Malware
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT32

Score: 5.81

Matched TTPs:

T1608.001 - Upload Malware
T1585.001 - Social Media Accounts
T1203 - Exploitation for Client Execution

MITREへのリンク →

HEXANE

Score: 4.31

Matched TTPs:

T1608.001 - Upload Malware
T1585.001 - Social Media Accounts

MITREへのリンク →

Saint Bear

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

EXOTIC LILY

Score: 5.81

Matched TTPs:

T1608.001 - Upload Malware
T1585.001 - Social Media Accounts
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT42

Score: 4.72

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Ember Bear

Score: 10.94

Matched TTPs:

T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Volt Typhoon

Score: 5.09

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.005 - Botnet

MITREへのリンク →

APT28

Score: 15.07

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1598 - Phishing for Information
T1498 - Network Denial of Service
T1550.001 - Application Access Token

MITREへのリンク →

BackdoorDiplomacy

Score: 4.40

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

GOLD SOUTHFIELD

Score: 4.40

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1195.002 - Compromise Software Supply Chain

MITREへのリンク →

Magic Hound

Score: 7.43

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1585.001 - Social Media Accounts
T1573 - Encrypted Channel

MITREへのリンク →

Storm-0501

Score: 3.99

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Fox Kitten

Score: 3.81

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1585.001 - Social Media Accounts

MITREへのリンク →

Cinnamon Tempest

Score: 3.99

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Leviathan

Score: 8.23

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1585.001 - Social Media Accounts
T1203 - Exploitation for Client Execution
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

INC Ransom

Score: 3.99

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft

MITREへのリンク →

Dragonfly

Score: 5.89

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

Axiom

Score: 11.12

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1203 - Exploitation for Client Execution
T1001.002 - Steganography

MITREへのリンク →

APT41

Score: 5.89

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution

MITREへのリンク →

Malteiro

Score: 5.45

Matched TTPs:

T1657 - Financial Theft
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Scattered Spider

Score: 16.69

Matched TTPs:

T1657 - Financial Theft
T1585.001 - Social Media Accounts
T1598 - Phishing for Information
T1136 - Create Account
T1538 - Cloud Service Dashboard

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1585.001 - Social Media Accounts

MITREへのリンク →

APT33

Score: 5.63

Matched TTPs:

T1552.006 - Group Policy Preferences
T1203 - Exploitation for Client Execution

MITREへのリンク →

Tropic Trooper

Score: 10.79

Matched TTPs:

T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1055.001 - Dynamic-link Library Injection

MITREへのリンク →

Cobalt Group

Score: 7.17

Matched TTPs:

T1195.002 - Compromise Software Supply Chain
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

ZIRCONIUM

Score: 3.44

Matched TTPs:

T1598 - Phishing for Information

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.85

Matched TTPs:

T1195 - Supply Chain Compromise
T1499 - Endpoint Denial of Service
T1489 - Service Stop
T1585.001 - Social Media Accounts
T1203 - Exploitation for Client Execution
T1195.002 - Compromise Software Supply Chain
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1587.001 - Malware
T1608.001 - Upload Malware

MITREへのリンク →

Kimsuky

Score: 0.60

Matched TTPs:

T1657 - Financial Theft
T1598 - Phishing for Information
T1588.005 - Exploits
T1190 - Exploit Public-Facing Application
T1585.001 - Social Media Accounts
T1587.001 - Malware
T1608.001 - Upload Malware

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る