Pulse Detail-

Mobile Devices Used to Execute DNS Malware Against Home Routers

概要

Attacks against home routers have been going around for years—from malware that rigs routers to DNS rebinding attacks and backdoors, among others. Just last year one of our researchers reported a Domain Name System (DNS) changer malware that redirected users to malicious pages when they visited specific websites. This enabled cyber crooks to get hold of the victims’ online credentials, such as passwords and PINs Source : http://blog.trendmicro.com/trendlabs-security-intelligence/mobile-devices-used-to-execute-dns-malware-against-home-routers/

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Linux/TheMoon (Linux/Moon, Linux/Proxy) (score: 0.65)
Malware issuing domains (score: 0.63)
New Trojan for Linux infects routers (score: 0.59)
Greenbugs DNS-isms (score: 0.59)
Malware URLs (score: 0.59)

このPulseに関連する脅威アクター (事実ベース)

Mustang Panda

Score: 18.60

Matched TTPs:

T1037 - Boot or Logon Initialization Scripts
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer

MITREへのリンク →

Kimsuky

Score: 26.42

Matched TTPs:

T1037 - Boot or Logon Initialization Scripts
T1114 - Email Collection
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1588.001 - Malware
T1608.005 - Link Target
T1008 - Fallback Channels
T1053.002 - At
T1490 - Inhibit System Recovery

MITREへのリンク →

Sea Turtle

Score: 16.01

Matched TTPs:

T1037 - Boot or Logon Initialization Scripts
T1499.003 - Application Exhaustion Flood
T1098.007 - Additional Local or Domain Groups
T1137.004 - Outlook Home Page
T1490 - Inhibit System Recovery

MITREへのリンク →

Volt Typhoon

Score: 21.50

Matched TTPs:

T1148 - HISTCONTROL
T1685.001 - Disable or Modify Windows Event Log
T1114 - Email Collection
T1049 - System Network Connections Discovery
T1552.008 - Chat Messages
T1578.001 - Create Snapshot

MITREへのリンク →

Ember Bear

Score: 6.88

Matched TTPs:

T1564.008 - Email Hiding Rules
T1195.001 - Compromise Software Dependencies and Development Tools

MITREへのリンク →

Sandworm Team

Score: 28.30

Matched TTPs:

T1564.008 - Email Hiding Rules
T1114 - Email Collection
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1049 - System Network Connections Discovery
T1187 - Forced Authentication
T1573 - Encrypted Channel
T1111 - Multi-Factor Authentication Interception

MITREへのリンク →

APT41

Score: 19.32

Matched TTPs:

T1539 - Steal Web Session Cookie
T1195.001 - Compromise Software Dependencies and Development Tools
T1588.001 - Malware
T1573 - Encrypted Channel
T1002 - Data Compressed
T1008 - Fallback Channels

MITREへのリンク →

TA551

Score: 4.13

Matched TTPs:

T1539 - Steal Web Session Cookie

MITREへのリンク →

APT28

Score: 26.84

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1566.002 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target
T1059.012 - Hypervisor CLI
T1146 - Clear Command History
T1105 - Ingress Tool Transfer
T1055.008 - Ptrace System Calls
T1566.003 - Spearphishing via Service

MITREへのリンク →

ZIRCONIUM

Score: 14.30

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1566.002 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1588.001 - Malware
T1608.005 - Link Target
T1578.001 - Create Snapshot

MITREへのリンク →

Leviathan

Score: 6.90

Matched TTPs:

T1685.001 - Disable or Modify Windows Event Log
T1098.007 - Additional Local or Domain Groups
T1059.012 - Hypervisor CLI

MITREへのリンク →

Mustard Tempest

Score: 19.13

Matched TTPs:

T1682 - Query Public AI Services
T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI
T1543.002 - Systemd Service
T1053.002 - At

MITREへのリンク →

Silent Librarian

Score: 7.26

Matched TTPs:

T1114 - Email Collection
T1566.002 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

EXOTIC LILY

Score: 6.78

Matched TTPs:

T1114 - Email Collection
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

TA578

Score: 5.30

Matched TTPs:

T1114 - Email Collection
T1608.005 - Link Target

MITREへのリンク →

Axiom

Score: 13.77

Matched TTPs:

T1499.003 - Application Exhaustion Flood
T1049 - System Network Connections Discovery
T1059.012 - Hypervisor CLI
T1160 - Launch Daemon

MITREへのリンク →

HEXANE

Score: 7.34

Matched TTPs:

T1499.003 - Application Exhaustion Flood
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Chimera

Score: 9.88

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1059.003 - Windows Command Shell
T1578.001 - Create Snapshot

MITREへのリンク →

LazyScripter

Score: 8.25

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target

MITREへのリンク →

Cobalt Group

Score: 5.67

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1573 - Encrypted Channel

MITREへのリンク →

OilRig

Score: 14.40

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1592.002 - Software
T1556.009 - Conditional Access Policies

MITREへのリンク →

Ke3chang

Score: 6.59

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1027.008 - Stripped Payloads

MITREへのリンク →

Tropic Trooper

Score: 8.08

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1105 - Ingress Tool Transfer
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN7

Score: 24.23

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1588.001 - Malware
T1608.005 - Link Target
T1573 - Encrypted Channel
T1105 - Ingress Tool Transfer
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Sidewinder

Score: 5.05

Matched TTPs:

T1566.002 - Spearphishing Link
T1578.001 - Create Snapshot

MITREへのリンク →

Scattered Spider

Score: 8.51

Matched TTPs:

T1566.002 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1027.002 - Software Packing

MITREへのリンク →

APT32

Score: 20.19

Matched TTPs:

T1566.002 - Spearphishing Link
T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1588.001 - Malware
T1608.005 - Link Target
T1059.012 - Hypervisor CLI
T1105 - Ingress Tool Transfer
T1490 - Inhibit System Recovery

MITREへのリンク →

Magic Hound

Score: 16.98

Matched TTPs:

T1566.002 - Spearphishing Link
T1098.007 - Additional Local or Domain Groups
T1588.001 - Malware
T1608.005 - Link Target
T1187 - Forced Authentication
T1059.012 - Hypervisor CLI
T1053.002 - At

MITREへのリンク →

Star Blizzard

Score: 5.95

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Moonstone Sleet

Score: 8.88

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1573 - Encrypted Channel

MITREへのリンク →

CURIUM

Score: 14.99

Matched TTPs:

T1566.002 - Spearphishing Link
T1115 - Clipboard Data
T1098.007 - Additional Local or Domain Groups
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot

MITREへのリンク →

Dragonfly

Score: 11.70

Matched TTPs:

T1566.002 - Spearphishing Link
T1115 - Clipboard Data
T1098.007 - Additional Local or Domain Groups
T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI

MITREへのリンク →

Patchwork

Score: 7.51

Matched TTPs:

T1566.002 - Spearphishing Link
T1059.012 - Hypervisor CLI
T1008 - Fallback Channels

MITREへのリンク →

HAFNIUM

Score: 22.79

Matched TTPs:

T1027.008 - Stripped Payloads
T1049 - System Network Connections Discovery
T1608.005 - Link Target
T1552.008 - Chat Messages
T1105 - Ingress Tool Transfer
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

APT5

Score: 3.84

Matched TTPs:

T1027.008 - Stripped Payloads

MITREへのリンク →

Transparent Tribe

Score: 15.55

Matched TTPs:

T1115 - Clipboard Data
T1098.007 - Additional Local or Domain Groups
T1036.002 - Right-to-Left Override
T1059.012 - Hypervisor CLI
T1105 - Ingress Tool Transfer
T1053.002 - At

MITREへのリンク →

LuminousMoth

Score: 7.67

Matched TTPs:

T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1105 - Ingress Tool Transfer

MITREへのリンク →

Threat Group-3390

Score: 11.22

Matched TTPs:

T1115 - Clipboard Data
T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI

MITREへのリンク →

TA2541

Score: 8.79

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1036.002 - Right-to-Left Override
T1608.005 - Link Target

MITREへのリンク →

Earth Lusca

Score: 10.89

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

TeamTNT

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

Gamaredon Group

Score: 8.79

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1036.002 - Right-to-Left Override
T1608.005 - Link Target

MITREへのリンク →

SideCopy

Score: 5.26

Matched TTPs:

T1091 - Replication Through Removable Media
T1053.002 - At

MITREへのリンク →

TA505

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

BITTER

Score: 8.87

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1036.002 - Right-to-Left Override
T1588.001 - Malware

MITREへのリンク →

Saint Bear

Score: 3.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target

MITREへのリンク →

Contagious Interview

Score: 5.50

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target

MITREへのリンク →

APT42

Score: 3.49

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.007 - Additional Local or Domain Groups

MITREへのリンク →

APT1

Score: 4.80

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1053.002 - At

MITREへのリンク →

IndigoZebra

Score: 3.53

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target

MITREへのリンク →

RedEcho

Score: 4.80

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1036.002 - Right-to-Left Override

MITREへのリンク →

Lazarus Group

Score: 20.40

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1588.001 - Malware
T1608.005 - Link Target
T1059.012 - Hypervisor CLI
T1055.005 - Thread Local Storage
T1105 - Ingress Tool Transfer
T1578.001 - Create Snapshot
T1216 - System Script Proxy Execution

MITREへのリンク →

APT38

Score: 6.90

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1059.012 - Hypervisor CLI
T1216 - System Script Proxy Execution

MITREへのリンク →

Winter Vivern

Score: 13.54

Matched TTPs:

T1098.007 - Additional Local or Domain Groups
T1548 - Abuse Elevation Control Mechanism
T1588.001 - Malware
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1055.003 - Thread Execution Hijacking

MITREへのリンク →

APT29

Score: 17.04

Matched TTPs:

T1036.002 - Right-to-Left Override
T1608.005 - Link Target
T1218.009 - Regsvcs/Regasm
T1555.004 - Windows Credential Manager
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN13

Score: 4.76

Matched TTPs:

T1588.001 - Malware
T1105 - Ingress Tool Transfer

MITREへのリンク →

Wizard Spider

Score: 5.72

Matched TTPs:

T1588.001 - Malware
T1556.009 - Conditional Access Policies

MITREへのリンク →

PROMETHIUM

Score: 6.53

Matched TTPs:

T1588.001 - Malware
T1059.012 - Hypervisor CLI
T1490 - Inhibit System Recovery

MITREへのリンク →

UNC3886

Score: 4.69

Matched TTPs:

T1588.001 - Malware
T1578.001 - Create Snapshot

MITREへのリンク →

Higaisa

Score: 4.69

Matched TTPs:

T1588.001 - Malware
T1578.001 - Create Snapshot

MITREへのリンク →

Medusa Group

Score: 10.17

Matched TTPs:

T1608.005 - Link Target
T1216 - System Script Proxy Execution
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Turla

Score: 16.28

Matched TTPs:

T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1556.009 - Conditional Access Policies
T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot
T1490 - Inhibit System Recovery

MITREへのリンク →

Indrik Spider

Score: 3.84

Matched TTPs:

T1552.008 - Chat Messages

MITREへのリンク →

Andariel

Score: 5.61

Matched TTPs:

T1187 - Forced Authentication
T1059.012 - Hypervisor CLI

MITREへのリンク →

Daggerfly

Score: 4.69

Matched TTPs:

T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI

MITREへのリンク →

Volatile Cedar

Score: 4.13

Matched TTPs:

T1002 - Data Compressed

MITREへのリンク →

LAPSUS$

Score: 4.13

Matched TTPs:

T1137.004 - Outlook Home Page

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

RTM

Score: 5.05

Matched TTPs:

T1059.012 - Hypervisor CLI
T1008 - Fallback Channels

MITREへのリンク →

Darkhotel

Score: 4.36

Matched TTPs:

T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot

MITREへのリンク →

BRONZE BUTLER

Score: 7.64

Matched TTPs:

T1059.012 - Hypervisor CLI
T1578.001 - Create Snapshot
T1008 - Fallback Channels

MITREへのリンク →

APT37

Score: 5.39

Matched TTPs:

T1059.012 - Hypervisor CLI
T1216 - System Script Proxy Execution

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Rocke

Score: 5.95

Matched TTPs:

T1105 - Ingress Tool Transfer
T1008 - Fallback Channels

MITREへのリンク →

Velvet Ant

Score: 6.80

Matched TTPs:

T1490 - Inhibit System Recovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.78

Matched TTPs:

T1573 - Encrypted Channel
T1564.008 - Email Hiding Rules
T1091 - Replication Through Removable Media
T1114 - Email Collection
T1049 - System Network Connections Discovery
T1566.002 - Spearphishing Link
T1111 - Multi-Factor Authentication Interception
T1098.007 - Additional Local or Domain Groups
T1187 - Forced Authentication

MITREへのリンク →

APT28

Score: 0.76

Matched TTPs:

T1146 - Clear Command History
T1566.002 - Spearphishing Link
T1566.003 - Spearphishing via Service
T1055.008 - Ptrace System Calls
T1059.012 - Hypervisor CLI
T1105 - Ingress Tool Transfer
T1098.007 - Additional Local or Domain Groups
T1685.001 - Disable or Modify Windows Event Log
T1608.005 - Link Target

MITREへのリンク →

FIN7

Score: 0.74

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1573 - Encrypted Channel
T1091 - Replication Through Removable Media
T1105 - Ingress Tool Transfer
T1098.007 - Additional Local or Domain Groups
T1490 - Inhibit System Recovery
T1608.005 - Link Target
T1578.001 - Create Snapshot
T1588.001 - Malware
T1115 - Clipboard Data

MITREへのリンク →

Kimsuky

Score: 0.74

Matched TTPs:

T1091 - Replication Through Removable Media
T1114 - Email Collection
T1566.002 - Spearphishing Link
T1053.002 - At
T1098.007 - Additional Local or Domain Groups
T1490 - Inhibit System Recovery
T1608.005 - Link Target
T1037 - Boot or Logon Initialization Scripts
T1008 - Fallback Channels
T1588.001 - Malware

MITREへのリンク →

HAFNIUM

Score: 0.66

Matched TTPs:

T1049 - System Network Connections Discovery
T1027.008 - Stripped Payloads
T1055.008 - Ptrace System Calls
T1105 - Ingress Tool Transfer
T1490 - Inhibit System Recovery
T1608.005 - Link Target
T1552.008 - Chat Messages

MITREへのリンク →

Volt Typhoon

Score: 0.63

Matched TTPs:

T1114 - Email Collection
T1049 - System Network Connections Discovery
T1685.001 - Disable or Modify Windows Event Log
T1578.001 - Create Snapshot
T1148 - HISTCONTROL
T1552.008 - Chat Messages

MITREへのリンク →

APT32

Score: 0.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1566.002 - Spearphishing Link
T1059.012 - Hypervisor CLI
T1105 - Ingress Tool Transfer
T1098.007 - Additional Local or Domain Groups
T1490 - Inhibit System Recovery
T1608.005 - Link Target
T1588.001 - Malware
T1115 - Clipboard Data

MITREへのリンク →

Lazarus Group

Score: 0.59

Matched TTPs:

T1216 - System Script Proxy Execution
T1059.012 - Hypervisor CLI
T1105 - Ingress Tool Transfer
T1098.007 - Additional Local or Domain Groups
T1608.005 - Link Target
T1055.005 - Thread Local Storage
T1578.001 - Create Snapshot
T1588.001 - Malware

MITREへのリンク →

Mustard Tempest

Score: 0.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI
T1053.002 - At
T1543.002 - Systemd Service
T1682 - Query Public AI Services
T1115 - Clipboard Data

MITREへのリンク →

APT41

Score: 0.59

Matched TTPs:

T1195.001 - Compromise Software Dependencies and Development Tools
T1573 - Encrypted Channel
T1002 - Data Compressed
T1539 - Steal Web Session Cookie
T1008 - Fallback Channels
T1588.001 - Malware

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

Mobile Devices Used to Execute DNS Malware Against Home Routers

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ