Trusted Design

Attack on Zygote: a new twist in the evolution of mobile threats

概要

The owners of Trojans , such as Leech, Ztorg, Gorpo (as well as the new malware family Trojan.AndroidOS.Iop) are working together. Devices infected by these malicious programs usually form a kind of “advertising botnet” via which advertising Trojans distribute each other as well as the advertised apps. Within a few minutes of installing one of these Trojans, all other active malware on the “network” is enabled on the victim’s device. Cybercriminals are cashing in on advertising and installing legitimate applications.

Created: 2026-02-23

Indicators

類似Pulses

ZBot Malware (score: 0.82)
Banking Trojan infected dozens of Android apps worldwide (score: 0.69)
Trojan-Banker.AndroidOS.Faketoken follow-up (score: 0.67)
Zbot malware on Metadefender.com (score: 0.65)
Android Trojan Xbot Phishes Credit Cards and Bank Accounts (score: 0.65)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 17.53

Matched TTPs:

T1491.002 - External Defacement
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1588.001 - Malware
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Sandworm Team

Score: 24.82

Matched TTPs:

T1491.002 - External Defacement
T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

Volt Typhoon

Score: 13.65

Matched TTPs:

T1584.008 - Network Devices
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1003.003 - NTDS
T1124 - System Time Discovery

MITREへのリンク →

APT28

Score: 20.28

Matched TTPs:

T1584.008 - Network Devices
T1091 - Replication Through Removable Media
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1003.003 - NTDS
T1669 - Wi-Fi Networks

MITREへのリンク →

ZIRCONIUM

Score: 8.23

Matched TTPs:

T1584.008 - Network Devices
T1583.006 - Web Services
T1124 - System Time Discovery

MITREへのリンク →

Leviathan

Score: 8.35

Matched TTPs:

T1584.008 - Network Devices
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Mustard Tempest

Score: 8.28

Matched TTPs:

T1583.008 - Malvertising
T1608.001 - Upload Malware
T1189 - Drive-by Compromise

MITREへのリンク →

Kimsuky

Score: 19.51

Matched TTPs:

T1587.001 - Malware
T1176.001 - Browser Extensions
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1566 - Phishing
T1588.005 - Exploits

MITREへのリンク →

FIN13

Score: 5.91

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

Moonstone Sleet

Score: 4.07

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware

MITREへのリンク →

Lazarus Group

Score: 17.94

Matched TTPs:

T1587.001 - Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1001.003 - Protocol or Service Impersonation
T1189 - Drive-by Compromise
T1027.007 - Dynamic API Resolution
T1124 - System Time Discovery

MITREへのリンク →

Contagious Interview

Score: 19.29

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1681 - Search Threat Vendor Data
T1583.006 - Web Services
T1543.001 - Launch Agent
T1204.004 - Malicious Copy and Paste

MITREへのリンク →

OilRig

Score: 9.41

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1203 - Exploitation for Client Execution

MITREへのリンク →

UNC3886

Score: 14.24

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1681 - Search Threat Vendor Data
T1588.001 - Malware
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

LuminousMoth

Score: 9.56

Matched TTPs:

T1587.001 - Malware
T1091 - Replication Through Removable Media
T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

Salt Typhoon

Score: 3.57

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

APT29

Score: 7.07

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

Play

Score: 3.57

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Aoqin Dragon

Score: 6.62

Matched TTPs:

T1587.001 - Malware
T1091 - Replication Through Removable Media
T1203 - Exploitation for Client Execution

MITREへのリンク →

Moses Staff

Score: 3.57

Matched TTPs:

T1587.001 - Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Turla

Score: 14.55

Matched TTPs:

T1587.001 - Malware
T1588.001 - Malware
T1583.006 - Web Services
T1584.006 - Web Services
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Ke3chang

Score: 9.75

Matched TTPs:

T1587.001 - Malware
T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

Mustang Panda

Score: 20.93

Matched TTPs:

T1587.001 - Malware
T1091 - Replication Through Removable Media
T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1001.003 - Protocol or Service Impersonation
T1027.007 - Dynamic API Resolution
T1003.003 - NTDS

MITREへのリンク →

TeamTNT

Score: 4.07

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware

MITREへのリンク →

FIN7

Score: 13.18

Matched TTPs:

T1587.001 - Malware
T1091 - Replication Through Removable Media
T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1124 - System Time Discovery

MITREへのリンク →

HAFNIUM

Score: 13.29

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1583.006 - Web Services
T1003.003 - NTDS

MITREへのリンク →

APT5

Score: 5.31

Matched TTPs:

T1583.005 - Botnet
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Gamaredon Group

Score: 7.02

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Darkhotel

Score: 8.88

Matched TTPs:

T1091 - Replication Through Removable Media
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Tropic Trooper

Score: 4.53

Matched TTPs:

T1091 - Replication Through Removable Media
T1203 - Exploitation for Client Execution

MITREへのリンク →

TA2541

Score: 6.44

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1583.006 - Web Services

MITREへのリンク →

Earth Lusca

Score: 13.30

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1588.001 - Malware
T1583.006 - Web Services
T1584.006 - Web Services
T1189 - Drive-by Compromise

MITREへのリンク →

LazyScripter

Score: 6.44

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware
T1583.006 - Web Services

MITREへのリンク →

Threat Group-3390

Score: 6.70

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

TA505

Score: 4.43

Matched TTPs:

T1608.001 - Upload Malware
T1588.001 - Malware

MITREへのリンク →

BlackByte

Score: 3.44

Matched TTPs:

T1608.001 - Upload Malware
T1190 - Exploit Public-Facing Application

MITREへのリンク →

BITTER

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

APT32

Score: 7.24

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Saint Bear

Score: 5.48

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

EXOTIC LILY

Score: 3.47

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution

MITREへのリンク →

BackdoorDiplomacy

Score: 3.93

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.001 - Malware

MITREへのリンク →

GOLD SOUTHFIELD

Score: 4.76

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566 - Phishing

MITREへのリンク →

Magic Hound

Score: 9.09

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1592.002 - Software
T1189 - Drive-by Compromise

MITREへのリンク →

Medusa Group

Score: 14.90

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1650 - Acquire Access
T1003.003 - NTDS
T1218.014 - MMC

MITREへのリンク →

Sea Turtle

Score: 6.25

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566 - Phishing
T1203 - Exploitation for Client Execution

MITREへのリンク →

Fox Kitten

Score: 7.66

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1003.003 - NTDS
T1213.005 - Messaging Applications

MITREへのリンク →

menuPass

Score: 3.81

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1003.003 - NTDS

MITREへのリンク →

Winter Vivern

Score: 6.86

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.006 - Web Services
T1189 - Drive-by Compromise

MITREへのリンク →

INC Ransom

Score: 4.76

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1566 - Phishing

MITREへのリンク →

Dragonfly

Score: 7.07

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1003.003 - NTDS

MITREへのリンク →

Axiom

Score: 11.64

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1566 - Phishing
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

APT41

Score: 5.30

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1003.003 - NTDS

MITREへのリンク →

MuddyWater

Score: 4.98

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1659 - Content Injection

MITREへのリンク →

LAPSUS$

Score: 12.78

Matched TTPs:

T1588.001 - Malware
T1578.002 - Create Cloud Instance
T1003.003 - NTDS
T1213.005 - Messaging Applications

MITREへのリンク →

Andariel

Score: 9.56

Matched TTPs:

T1588.001 - Malware
T1592.002 - Software
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Scattered Spider

Score: 12.78

Matched TTPs:

T1588.001 - Malware
T1578.002 - Create Cloud Instance
T1003.003 - NTDS
T1213.005 - Messaging Applications

MITREへのリンク →

Confucius

Score: 3.51

Matched TTPs:

T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

AppleJeus

Score: 3.29

Matched TTPs:

T1566 - Phishing

MITREへのリンク →

CURIUM

Score: 7.98

Matched TTPs:

T1584.006 - Web Services
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Storm-1811

Score: 4.54

Matched TTPs:

T1566.004 - Spearphishing Voice

MITREへのリンク →

Sidewinder

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Patchwork

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Higaisa

Score: 7.93

Matched TTPs:

T1203 - Exploitation for Client Execution
T1001.003 - Protocol or Service Impersonation
T1124 - System Time Discovery

MITREへのリンク →

APT37

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

BRONZE BUTLER

Score: 5.85

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1124 - System Time Discovery

MITREへのリンク →

Transparent Tribe

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Chimera

Score: 4.93

Matched TTPs:

T1003.003 - NTDS
T1124 - System Time Discovery

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.81

Matched TTPs:

T1592.002 - Software
T1195 - Supply Chain Compromise
T1587.001 - Malware
T1491.002 - External Defacement
T1190 - Exploit Public-Facing Application
T1584.005 - Botnet
T1203 - Exploitation for Client Execution
T1608.001 - Upload Malware
T1003.003 - NTDS

MITREへのリンク →

Mustang Panda

Score: 0.70

Matched TTPs:

T1001.003 - Protocol or Service Impersonation
T1587.001 - Malware
T1027.007 - Dynamic API Resolution
T1091 - Replication Through Removable Media
T1203 - Exploitation for Client Execution
T1608.001 - Upload Malware
T1003.003 - NTDS
T1583.006 - Web Services

MITREへのリンク →

APT28

Score: 0.67

Matched TTPs:

T1669 - Wi-Fi Networks
T1091 - Replication Through Removable Media
T1189 - Drive-by Compromise
T1584.008 - Network Devices
T1203 - Exploitation for Client Execution
T1190 - Exploit Public-Facing Application
T1003.003 - NTDS
T1583.006 - Web Services

MITREへのリンク →

Kimsuky

Score: 0.67

Matched TTPs:

T1176.001 - Browser Extensions
T1587.001 - Malware
T1588.005 - Exploits
T1566 - Phishing
T1190 - Exploit Public-Facing Application
T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Contagious Interview

Score: 0.67

Matched TTPs:

T1204.004 - Malicious Copy and Paste
T1587.001 - Malware
T1681 - Search Threat Vendor Data
T1543.001 - Launch Agent
T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Lazarus Group

Score: 0.62

Matched TTPs:

T1001.003 - Protocol or Service Impersonation
T1587.001 - Malware
T1027.007 - Dynamic API Resolution
T1189 - Drive-by Compromise
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery
T1583.006 - Web Services

MITREへのリンク →

Ember Bear

Score: 0.56

Matched TTPs:

T1195 - Supply Chain Compromise
T1588.005 - Exploits
T1588.001 - Malware
T1491.002 - External Defacement
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る