Trusted Design

Carbanak Group Targets Financial Orgs in the Middle East

概要

The Carbanak group is infamous for infiltrating various financial institutions, and stealing millions of dollars by learning and abusing the internals of victim payment processing networks, ATM networks and transaction systems. Recently, we detected Carbanak campaigns attempting to: • Target high level executives in financial companies or in financial/decision-making roles in the Middle East, U.S. and Europe • Spear-phishing emails delivering URLs, macro documents, exploit documents • Use of Spy.Sekur (Carbanak malware) and commodity remote access Trojans (RATs) such as jRAT, Netwire, Cybergate and others used in support of operations.

Created: 2026-02-23

Indicators

類似Pulses

Carbanak gang is back and packing new guns (score: 0.78)
KRBanker Targets South Korea Through Adware and Exploit Kits (score: 0.62)
EngineBox Malware Supports 10+ Brazilian Banks - SANS Internet Storm Center (score: 0.61)
OilRig Deploys ALMA Communicator – DNS Tunneling Trojan (score: 0.61)
Targeted Crimeware in the Midst of Indiscriminate Activity (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 34.42

Matched TTPs:

T1033 - System Owner/User Discovery
T1566.002 - Spearphishing Link
T1683.001 - Written Content
T1552.003 - Shell History
T1102.003 - One-Way Communication
T1562.013 - Disable or Modify Network Device Firewall
T1197 - BITS Jobs
T1565.002 - Transmitted Data Manipulation
T1526 - Cloud Service Discovery
T1622 - Debugger Evasion
T1003.003 - NTDS

MITREへのリンク →

Sea Turtle

Score: 7.81

Matched TTPs:

T1033 - System Owner/User Discovery
T1562.013 - Disable or Modify Network Device Firewall
T1218.010 - Regsvr32

MITREへのリンク →

Ember Bear

Score: 12.79

Matched TTPs:

T1033 - System Owner/User Discovery
T1564.008 - Email Hiding Rules
T1218.010 - Regsvr32
T1003.003 - NTDS

MITREへのリンク →

Indrik Spider

Score: 4.68

Matched TTPs:

T1033 - System Owner/User Discovery
T1622 - Debugger Evasion

MITREへのリンク →

Agrius

Score: 4.68

Matched TTPs:

T1033 - System Owner/User Discovery
T1622 - Debugger Evasion

MITREへのリンク →

Contagious Interview

Score: 14.29

Matched TTPs:

T1033 - System Owner/User Discovery
T1552.003 - Shell History
T1102.003 - One-Way Communication
T1565.002 - Transmitted Data Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

Sandworm Team

Score: 14.40

Matched TTPs:

T1033 - System Owner/User Discovery
T1564.008 - Email Hiding Rules
T1566.002 - Spearphishing Link
T1102.003 - One-Way Communication
T1218.010 - Regsvr32

MITREへのリンク →

Star Blizzard

Score: 8.78

Matched TTPs:

T1033 - System Owner/User Discovery
T1566.002 - Spearphishing Link
T1102.003 - One-Way Communication

MITREへのリンク →

Scattered Spider

Score: 20.97

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy
T1566.002 - Spearphishing Link
T1070.002 - Clear Linux or Mac System Logs
T1552.003 - Shell History
T1197 - BITS Jobs
T1565.002 - Transmitted Data Manipulation
T1622 - Debugger Evasion

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy

MITREへのリンク →

Sidewinder

Score: 6.54

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

Mustang Panda

Score: 17.45

Matched TTPs:

T1566.002 - Spearphishing Link
T1102.003 - One-Way Communication
T1218.010 - Regsvr32
T1565.002 - Transmitted Data Manipulation
T1526 - Cloud Service Discovery
T1055.005 - Thread Local Storage

MITREへのリンク →

ZIRCONIUM

Score: 8.49

Matched TTPs:

T1566.002 - Spearphishing Link
T1197 - BITS Jobs
T1578.001 - Create Snapshot

MITREへのリンク →

APT32

Score: 7.80

Matched TTPs:

T1566.002 - Spearphishing Link
T1592.004 - Client Configurations
T1218.010 - Regsvr32

MITREへのリンク →

Magic Hound

Score: 6.63

Matched TTPs:

T1566.002 - Spearphishing Link
T1622 - Debugger Evasion
T1547.008 - LSASS Driver

MITREへのリンク →

APT28

Score: 15.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1197 - BITS Jobs
T1200 - Hardware Additions
T1546.007 - Netsh Helper DLL

MITREへのリンク →

Moonstone Sleet

Score: 8.42

Matched TTPs:

T1566.002 - Spearphishing Link
T1197 - BITS Jobs
T1547.008 - LSASS Driver

MITREへのリンク →

CURIUM

Score: 7.57

Matched TTPs:

T1566.002 - Spearphishing Link
T1578.001 - Create Snapshot
T1547.008 - LSASS Driver

MITREへのリンク →

Dragonfly

Score: 8.75

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1200 - Hardware Additions
T1622 - Debugger Evasion

MITREへのリンク →

Patchwork

Score: 8.75

Matched TTPs:

T1566.002 - Spearphishing Link
T1059.004 - Unix Shell
T1218.010 - Regsvr32
T1622 - Debugger Evasion

MITREへのリンク →

LAPSUS$

Score: 3.84

Matched TTPs:

T1070.002 - Clear Linux or Mac System Logs

MITREへのリンク →

Storm-0501

Score: 9.30

Matched TTPs:

T1070.002 - Clear Linux or Mac System Logs
T1552.003 - Shell History
T1565.002 - Transmitted Data Manipulation

MITREへのリンク →

APT29

Score: 7.86

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

BRONZE BUTLER

Score: 7.93

Matched TTPs:

T1592.004 - Client Configurations
T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

INC Ransom

Score: 7.46

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall
T1622 - Debugger Evasion

MITREへのリンク →

FIN13

Score: 7.10

Matched TTPs:

T1552.003 - Shell History
T1622 - Debugger Evasion
T1569.002 - Service Execution

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Akira

Score: 4.17

Matched TTPs:

T1552.003 - Shell History
T1622 - Debugger Evasion

MITREへのリンク →

Medusa Group

Score: 12.33

Matched TTPs:

T1552.003 - Shell History
T1598 - Phishing for Information
T1622 - Debugger Evasion
T1216 - System Script Proxy Execution

MITREへのリンク →

APT33

Score: 5.63

Matched TTPs:

T1567.001 - Exfiltration to Code Repository
T1218.010 - Regsvr32

MITREへのリンク →

Wizard Spider

Score: 8.93

Matched TTPs:

T1567.001 - Exfiltration to Code Repository
T1526 - Cloud Service Discovery
T1622 - Debugger Evasion

MITREへのリンク →

Volt Typhoon

Score: 14.59

Matched TTPs:

T1102.003 - One-Way Communication
T1584.002 - DNS Server
T1622 - Debugger Evasion
T1578.001 - Create Snapshot
T1569.002 - Service Execution

MITREへのリンク →

Axiom

Score: 10.96

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall
T1218.010 - Regsvr32
T1622 - Debugger Evasion
T1160 - Launch Daemon

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

UNC3886

Score: 7.24

Matched TTPs:

T1059.004 - Unix Shell
T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

Deep Panda

Score: 3.15

Matched TTPs:

T1059.004 - Unix Shell

MITREへのリンク →

GALLIUM

Score: 3.15

Matched TTPs:

T1059.004 - Unix Shell

MITREへのリンク →

OilRig

Score: 11.97

Matched TTPs:

T1059.004 - Unix Shell
T1218.010 - Regsvr32
T1526 - Cloud Service Discovery
T1622 - Debugger Evasion
T1547.008 - LSASS Driver

MITREへのリンク →

Turla

Score: 8.67

Matched TTPs:

T1059.004 - Unix Shell
T1578.001 - Create Snapshot
T1569.002 - Service Execution

MITREへのリンク →

APT3

Score: 6.29

Matched TTPs:

T1059.004 - Unix Shell
T1218.010 - Regsvr32
T1622 - Debugger Evasion

MITREへのリンク →

Threat Group-3390

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1526 - Cloud Service Discovery

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

EXOTIC LILY

Score: 4.02

Matched TTPs:

T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

Lazarus Group

Score: 18.94

Matched TTPs:

T1218.010 - Regsvr32
T1055.005 - Thread Local Storage
T1622 - Debugger Evasion
T1578.001 - Create Snapshot
T1547.008 - LSASS Driver
T1569.002 - Service Execution
T1216 - System Script Proxy Execution

MITREへのリンク →

BlackTech

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1526 - Cloud Service Discovery

MITREへのリンク →

Confucius

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1200 - Hardware Additions

MITREへのリンク →

Higaisa

Score: 7.01

Matched TTPs:

T1218.010 - Regsvr32
T1578.001 - Create Snapshot
T1569.002 - Service Execution

MITREへのリンク →

Cobalt Group

Score: 3.14

Matched TTPs:

T1218.010 - Regsvr32
T1622 - Debugger Evasion

MITREへのリンク →

Leviathan

Score: 3.14

Matched TTPs:

T1218.010 - Regsvr32
T1622 - Debugger Evasion

MITREへのリンク →

APT37

Score: 5.12

Matched TTPs:

T1218.010 - Regsvr32
T1216 - System Script Proxy Execution

MITREへのリンク →

Tropic Trooper

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1200 - Hardware Additions

MITREへのリンク →

Inception

Score: 4.65

Matched TTPs:

T1218.010 - Regsvr32
T1200 - Hardware Additions

MITREへのリンク →

APT41

Score: 3.14

Matched TTPs:

T1218.010 - Regsvr32
T1622 - Debugger Evasion

MITREへのリンク →

Darkhotel

Score: 4.09

Matched TTPs:

T1218.010 - Regsvr32
T1578.001 - Create Snapshot

MITREへのリンク →

SideCopy

Score: 4.13

Matched TTPs:

T1584.002 - DNS Server

MITREへのリンク →

Storm-1811

Score: 5.45

Matched TTPs:

T1565.002 - Transmitted Data Manipulation
T1547.008 - LSASS Driver

MITREへのリンク →

Gamaredon Group

Score: 3.15

Matched TTPs:

T1200 - Hardware Additions

MITREへのリンク →

DarkHydrus

Score: 3.15

Matched TTPs:

T1200 - Hardware Additions

MITREへのリンク →

FIN8

Score: 4.80

Matched TTPs:

T1526 - Cloud Service Discovery
T1622 - Debugger Evasion

MITREへのリンク →

APT39

Score: 4.58

Matched TTPs:

T1622 - Debugger Evasion
T1569.002 - Service Execution

MITREへのリンク →

FIN7

Score: 4.24

Matched TTPs:

T1622 - Debugger Evasion
T1578.001 - Create Snapshot

MITREへのリンク →

FIN6

Score: 4.17

Matched TTPs:

T1622 - Debugger Evasion
T1547.008 - LSASS Driver

MITREへのリンク →

Blue Mockingbird

Score: 6.19

Matched TTPs:

T1622 - Debugger Evasion
T1001.001 - Junk Data

MITREへのリンク →

Chimera

Score: 4.24

Matched TTPs:

T1622 - Debugger Evasion
T1578.001 - Create Snapshot

MITREへのリンク →

APT38

Score: 3.62

Matched TTPs:

T1216 - System Script Proxy Execution

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.83

Matched TTPs:

T1197 - BITS Jobs
T1683.001 - Written Content
T1622 - Debugger Evasion
T1526 - Cloud Service Discovery
T1102.003 - One-Way Communication
T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1033 - System Owner/User Discovery
T1562.013 - Disable or Modify Network Device Firewall
T1565.002 - Transmitted Data Manipulation
T1003.003 - NTDS

MITREへのリンク →

Scattered Spider

Score: 0.56

Matched TTPs:

T1070.002 - Clear Linux or Mac System Logs
T1197 - BITS Jobs
T1622 - Debugger Evasion
T1666 - Modify Cloud Resource Hierarchy
T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1565.002 - Transmitted Data Manipulation

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る