Trusted Design

Large malvertising campaign hits popular Dutch websites

概要

On Sunday April 10th the Fox-IT Security Operations Center (SOC) started to see an increase of exploit kit related incidents. The incidents originated from a large malvertising campaign hitting the Netherlands. The list of affected websites spreads across most of the popular Dutch websites. In total we’ve now seen at least 288 websites being affected.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

A VAST Malvertising Attack (score: 0.72)
WordPress Compromise Campaign (score: 0.67)
Large Malvertising Campaign Leads to Angler EK & Bunitu Malware (score: 0.66)
Compromised WordPress sites redirect visitors to Nuclear EK (score: 0.64)
Large Malvertising Campaign Goes (Almost) Undetected (score: 0.62)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 38.55

Matched TTPs:

T1033 - System Owner/User Discovery
T1114 - Email Collection
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1683.001 - Written Content
T1608.005 - Link Target
T1057 - Process Discovery
T1102.003 - One-Way Communication
T1690 - Prevent Command History Logging
T1547.002 - Authentication Package
T1665 - Hide Infrastructure
T1003.003 - NTDS

MITREへのリンク →

Sea Turtle

Score: 6.00

Matched TTPs:

T1033 - System Owner/User Discovery
T1140 - Deobfuscate/Decode Files or Information
T1218.010 - Regsvr32

MITREへのリンク →

Ember Bear

Score: 24.83

Matched TTPs:

T1033 - System Owner/User Discovery
T1564.008 - Email Hiding Rules
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1218.010 - Regsvr32
T1519 - Emond
T1003.003 - NTDS

MITREへのリンク →

Indrik Spider

Score: 6.88

Matched TTPs:

T1033 - System Owner/User Discovery
T1552.008 - Chat Messages

MITREへのリンク →

Agrius

Score: 4.50

Matched TTPs:

T1033 - System Owner/User Discovery
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

Contagious Interview

Score: 18.28

Matched TTPs:

T1033 - System Owner/User Discovery
T1091 - Replication Through Removable Media
T1021.006 - Windows Remote Management
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1690 - Prevent Command History Logging

MITREへのリンク →

Sandworm Team

Score: 37.66

Matched TTPs:

T1033 - System Owner/User Discovery
T1564.008 - Email Hiding Rules
T1114 - Email Collection
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1193 - Spearphishing Attachment
T1102.003 - One-Way Communication
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

Star Blizzard

Score: 10.75

Matched TTPs:

T1033 - System Owner/User Discovery
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication

MITREへのリンク →

Volt Typhoon

Score: 30.52

Matched TTPs:

T1148 - HISTCONTROL
T1114 - Email Collection
T1553.002 - Code Signing
T1140 - Deobfuscate/Decode Files or Information
T1057 - Process Discovery
T1552.008 - Chat Messages
T1102.003 - One-Way Communication
T1574.002 - DLL Side-Loading
T1665 - Hide Infrastructure

MITREへのリンク →

Silent Librarian

Score: 5.74

Matched TTPs:

T1114 - Email Collection
T1566.002 - Spearphishing Link

MITREへのリンク →

EXOTIC LILY

Score: 15.13

Matched TTPs:

T1114 - Email Collection
T1091 - Replication Through Removable Media
T1149 - LC_MAIN Hijacking
T1690 - Prevent Command History Logging
T1218.010 - Regsvr32

MITREへのリンク →

TA578

Score: 5.30

Matched TTPs:

T1114 - Email Collection
T1608.005 - Link Target

MITREへのリンク →

Sidewinder

Score: 3.95

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.010 - Regsvr32

MITREへのリンク →

Mustang Panda

Score: 11.22

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1218.010 - Regsvr32

MITREへのリンク →

ZIRCONIUM

Score: 6.87

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

APT32

Score: 12.74

Matched TTPs:

T1566.002 - Spearphishing Link
T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Magic Hound

Score: 16.54

Matched TTPs:

T1566.002 - Spearphishing Link
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1608.005 - Link Target
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT28

Score: 21.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1608.005 - Link Target
T1057 - Process Discovery
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1566.003 - Spearphishing via Service

MITREへのリンク →

Moonstone Sleet

Score: 7.72

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1057 - Process Discovery

MITREへのリンク →

CURIUM

Score: 10.88

Matched TTPs:

T1566.002 - Spearphishing Link
T1115 - Clipboard Data
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Dragonfly

Score: 16.66

Matched TTPs:

T1566.002 - Spearphishing Link
T1115 - Clipboard Data
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1193 - Spearphishing Attachment
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Patchwork

Score: 8.55

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1665 - Hide Infrastructure

MITREへのリンク →

Transparent Tribe

Score: 6.29

Matched TTPs:

T1115 - Clipboard Data
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

LuminousMoth

Score: 5.01

Matched TTPs:

T1115 - Clipboard Data
T1091 - Replication Through Removable Media

MITREへのリンク →

FIN7

Score: 14.17

Matched TTPs:

T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target
T1057 - Process Discovery
T1547.002 - Authentication Package

MITREへのリンク →

Threat Group-3390

Score: 9.74

Matched TTPs:

T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Mustard Tempest

Score: 6.77

Matched TTPs:

T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI

MITREへのリンク →

Salt Typhoon

Score: 5.31

Matched TTPs:

T1553.002 - Code Signing
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

FIN13

Score: 5.31

Matched TTPs:

T1553.002 - Code Signing
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

TA2541

Score: 3.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target

MITREへのリンク →

Earth Lusca

Score: 13.43

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

OilRig

Score: 7.31

Matched TTPs:

T1091 - Replication Through Removable Media
T1005 - Data from Local System
T1218.010 - Regsvr32

MITREへのリンク →

TeamTNT

Score: 11.53

Matched TTPs:

T1091 - Replication Through Removable Media
T1562.004 - Disable or Modify System Firewall
T1519 - Emond
T1665 - Hide Infrastructure

MITREへのリンク →

LazyScripter

Score: 3.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target

MITREへのリンク →

Gamaredon Group

Score: 6.38

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

BlackByte

Score: 3.44

Matched TTPs:

T1091 - Replication Through Removable Media
T1140 - Deobfuscate/Decode Files or Information

MITREへのリンク →

BITTER

Score: 3.47

Matched TTPs:

T1091 - Replication Through Removable Media
T1218.010 - Regsvr32

MITREへのリンク →

HEXANE

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.002 - Authentication Package

MITREへのリンク →

Saint Bear

Score: 5.48

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

Medusa Group

Score: 3.48

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target

MITREへのリンク →

ToddyCat

Score: 4.30

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1665 - Hide Infrastructure

MITREへのリンク →

Winter Vivern

Score: 9.45

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT29

Score: 7.57

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

Leviathan

Score: 7.32

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Volatile Cedar

Score: 8.19

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1002 - Data Compressed

MITREへのリンク →

UNC3886

Score: 7.10

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1021.006 - Windows Remote Management
T1218.010 - Regsvr32

MITREへのリンク →

Axiom

Score: 4.73

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT41

Score: 13.82

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1562.004 - Disable or Modify System Firewall
T1218.010 - Regsvr32
T1002 - Data Compressed
T1574.002 - DLL Side-Loading

MITREへのリンク →

HAFNIUM

Score: 11.86

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1059 - Command and Scripting Interpreter
T1608.005 - Link Target
T1552.008 - Chat Messages

MITREへのリンク →

MuddyWater

Score: 7.37

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1608.005 - Link Target
T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

APT39

Score: 3.87

Matched TTPs:

T1140 - Deobfuscate/Decode Files or Information
T1547.002 - Authentication Package

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1055.003 - Thread Execution Hijacking

MITREへのリンク →

LAPSUS$

Score: 3.84

Matched TTPs:

T1193 - Spearphishing Attachment

MITREへのリンク →

Turla

Score: 9.80

Matched TTPs:

T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1547.002 - Authentication Package
T1059.012 - Hypervisor CLI

MITREへのリンク →

Lazarus Group

Score: 13.79

Matched TTPs:

T1608.005 - Link Target
T1057 - Process Discovery
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI
T1665 - Hide Infrastructure

MITREへのリンク →

Confucius

Score: 6.34

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

POLONIUM

Score: 4.41

Matched TTPs:

T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

Andariel

Score: 7.10

Matched TTPs:

T1187 - Forced Authentication
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT37

Score: 5.66

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT12

Score: 3.89

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

Higaisa

Score: 4.33

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

BRONZE BUTLER

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Tropic Trooper

Score: 4.33

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Elderwood

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Darkhotel

Score: 3.26

Matched TTPs:

T1218.010 - Regsvr32
T1059.012 - Hypervisor CLI

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.82

Matched TTPs:

T1608.005 - Link Target
T1690 - Prevent Command History Logging
T1114 - Email Collection
T1057 - Process Discovery
T1547.002 - Authentication Package
T1003.003 - NTDS
T1665 - Hide Infrastructure
T1140 - Deobfuscate/Decode Files or Information
T1033 - System Owner/User Discovery
T1566.002 - Spearphishing Link
T1683.001 - Written Content
T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication

MITREへのリンク →

Sandworm Team

Score: 0.81

Matched TTPs:

T1005 - Data from Local System
T1114 - Email Collection
T1218.010 - Regsvr32
T1562.004 - Disable or Modify System Firewall
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1193 - Spearphishing Attachment
T1564.008 - Email Hiding Rules
T1140 - Deobfuscate/Decode Files or Information
T1033 - System Owner/User Discovery
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication

MITREへのリンク →

Volt Typhoon

Score: 0.66

Matched TTPs:

T1114 - Email Collection
T1553.002 - Code Signing
T1665 - Hide Infrastructure
T1574.002 - DLL Side-Loading
T1148 - HISTCONTROL
T1057 - Process Discovery
T1140 - Deobfuscate/Decode Files or Information
T1102.003 - One-Way Communication
T1552.008 - Chat Messages

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る