Trusted Design

Operation C-Major actors used Mobile Spyware Against Targets

Overview

Last March, we reported on Operation C-Major, an active information theft campaign that was able to steal sensitive information from high-profile targets in India. The campaign was able to steal large amounts of data despite using relatively simple malware because it used clever social engineering tactics against its targets. In this post, we will focus on the mobile part of their operation and discuss in detail several Android and BlackBerry apps they are using. Based on our investigation, the actors behind Operation C-Major were able to keep their Android malware on Google Play for months, and they advertised their apps on Facebook pages that have thousands of likes from high-profile targets.

Created: 2026-02-23

Indicators

Similar Pulses

Threat actors related to this Pulse (fact-based)

Ember Bear

Score: 3.62
Matched TTPs:
  • T1578 - Modify Cloud Compute Infrastructure
Link to MITRE →

Silent Librarian

Score: 6.91
Matched TTPs:
  • T1578 - Modify Cloud Compute Infrastructure
  • T1114 - Email Collection
Link to MITRE →

Magic Hound

Score: 14.30
Matched TTPs:
  • T1578 - Modify Cloud Compute Infrastructure
  • T1016.002 - Wi-Fi Discovery
  • T1098.002 - Additional Email Delegate Permissions
  • T1547.008 - LSASS Driver
Link to MITRE →

Scattered Spider

Score: 13.02
Matched TTPs:
  • T1578 - Modify Cloud Compute Infrastructure
  • T1552.003 - Shell History
  • T1027.002 - Software Packing
  • T1548.006 - TCC Manipulation
Link to MITRE →

Kimsuky

Score: 23.91
Matched TTPs:
  • T1114 - Email Collection
  • T1683.001 - Written Content
  • T1552.003 - Shell History
  • T1057 - Process Discovery
  • T1102.003 - One-Way Communication
  • T1690 - Prevent Command History Logging
  • T1526 - Cloud Service Discovery
Link to MITRE →

Volt Typhoon

Score: 15.82
Matched TTPs:
  • T1114 - Email Collection
  • T1057 - Process Discovery
  • T1102.003 - One-Way Communication
  • T1065 - Uncommonly Used Port
  • T1548.006 - TCC Manipulation
Link to MITRE →

EXOTIC LILY

Score: 9.65
Matched TTPs:
  • T1114 - Email Collection
  • T1690 - Prevent Command History Logging
  • T1547.008 - LSASS Driver
Link to MITRE →

Sandworm Team

Score: 16.38
Matched TTPs:
  • T1114 - Email Collection
  • T1016.002 - Wi-Fi Discovery
  • T1193 - Spearphishing Attachment
  • T1102.003 - One-Way Communication
  • T1548.006 - TCC Manipulation
Link to MITRE →

TA578

Score: 3.29
Matched TTPs:
  • T1114 - Email Collection
Link to MITRE →

TA505

Score: 3.62
Matched TTPs:
  • T1016.002 - Wi-Fi Discovery
Link to MITRE →

RedCurl

Score: 3.62
Matched TTPs:
  • T1016.002 - Wi-Fi Discovery
Link to MITRE →

UNC3886

Score: 4.13
Matched TTPs:
  • T1021.006 - Windows Remote Management
Link to MITRE →

Contagious Interview

Score: 19.05
Matched TTPs:
  • T1021.006 - Windows Remote Management
  • T1552.003 - Shell History
  • T1102.003 - One-Way Communication
  • T1690 - Prevent Command History Logging
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process
Link to MITRE →

Dragonfly

Score: 6.19
Matched TTPs:
  • T1193 - Spearphishing Attachment
  • T1548.006 - TCC Manipulation
Link to MITRE →

LAPSUS$

Score: 9.81
Matched TTPs:
  • T1193 - Spearphishing Attachment
  • T1065 - Uncommonly Used Port
  • T1548.006 - TCC Manipulation
Link to MITRE →

APT29

Score: 6.37
Matched TTPs:
  • T1592.004 - Client Configurations
  • T1547.008 - LSASS Driver
Link to MITRE →

APT32

Score: 6.59
Matched TTPs:
  • T1592.004 - Client Configurations
  • T1556 - Modify Authentication Process
Link to MITRE →

BRONZE BUTLER

Score: 3.84
Matched TTPs:
  • T1592.004 - Client Configurations
Link to MITRE →

FIN13

Score: 4.86
Matched TTPs:
  • T1552.003 - Shell History
  • T1548.006 - TCC Manipulation
Link to MITRE →

Medusa Group

Score: 4.86
Matched TTPs:
  • T1552.003 - Shell History
  • T1548.006 - TCC Manipulation
Link to MITRE →

APT28

Score: 5.63
Matched TTPs:
  • T1057 - Process Discovery
  • T1548.006 - TCC Manipulation
Link to MITRE →

Lazarus Group

Score: 12.69
Matched TTPs:
  • T1057 - Process Discovery
  • T1055.005 - Thread Local Storage
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process
Link to MITRE →

Moonstone Sleet

Score: 5.81
Matched TTPs:
  • T1057 - Process Discovery
  • T1547.008 - LSASS Driver
Link to MITRE →

FIN7

Score: 6.91
Matched TTPs:
  • T1057 - Process Discovery
  • T1065 - Uncommonly Used Port
Link to MITRE →

Mustang Panda

Score: 15.66
Matched TTPs:
  • T1102.003 - One-Way Communication
  • T1526 - Cloud Service Discovery
  • T1055.005 - Thread Local Storage
  • T1548.006 - TCC Manipulation
  • T1556 - Modify Authentication Process
Link to MITRE →

Star Blizzard

Score: 3.29
Matched TTPs:
  • T1102.003 - One-Way Communication
Link to MITRE →

OilRig

Score: 12.96
Matched TTPs:
  • T1592.002 - Software
  • T1526 - Cloud Service Discovery
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process
Link to MITRE →

HEXANE

Score: 3.62
Matched TTPs:
  • T1065 - Uncommonly Used Port
Link to MITRE →

Equation

Score: 4.13
Matched TTPs:
  • T1130 - Install Root Certificate
Link to MITRE →

Strider

Score: 4.13
Matched TTPs:
  • T1130 - Install Root Certificate
Link to MITRE →

APT38

Score: 4.54
Matched TTPs:
  • T1059.005 - Visual Basic
Link to MITRE →

Wizard Spider

Score: 8.24
Matched TTPs:
  • T1526 - Cloud Service Discovery
  • T1548.006 - TCC Manipulation
  • T1556 - Modify Authentication Process
Link to MITRE →

BlackTech

Score: 3.15
Matched TTPs:
  • T1526 - Cloud Service Discovery
Link to MITRE →

FIN8

Score: 5.90
Matched TTPs:
  • T1526 - Cloud Service Discovery
  • T1556 - Modify Authentication Process
Link to MITRE →

Threat Group-3390

Score: 6.30
Matched TTPs:
  • T1526 - Cloud Service Discovery
  • T1546.017 - Udev Rules
Link to MITRE →

FIN6

Score: 7.61
Matched TTPs:
  • T1548.006 - TCC Manipulation
  • T1547.008 - LSASS Driver
  • T1556 - Modify Authentication Process
Link to MITRE →

Axiom

Score: 4.54
Matched TTPs:
  • T1160 - Launch Daemon
Link to MITRE →

Molerats

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules
Link to MITRE →

Gamaredon Group

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules
Link to MITRE →

Higaisa

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules
Link to MITRE →

TA2541

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules
Link to MITRE →

Mofang

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules
Link to MITRE →

Leviathan

Score: 3.15
Matched TTPs:
  • T1546.017 - Udev Rules
Link to MITRE →

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.82
Matched TTPs:
  • T1102.003 - One-Way Communication
  • T1683.001 - Written Content
  • T1114 - Email Collection
  • T1552.003 - Shell History
  • T1057 - Process Discovery
  • T1690 - Prevent Command History Logging
  • T1526 - Cloud Service Discovery
Link to MITRE →

Contagious Interview

Score: 0.63
Matched TTPs:
  • T1021.006 - Windows Remote Management
  • T1102.003 - One-Way Communication
  • T1556 - Modify Authentication Process
  • T1552.003 - Shell History
  • T1547.008 - LSASS Driver
  • T1690 - Prevent Command History Logging
Link to MITRE →

Volt Typhoon

Score: 0.58
Matched TTPs:
  • T1102.003 - One-Way Communication
  • T1114 - Email Collection
  • T1548.006 - TCC Manipulation
  • T1057 - Process Discovery
  • T1065 - Uncommonly Used Port
Link to MITRE →

Sandworm Team

Score: 0.58
Matched TTPs:
  • T1102.003 - One-Way Communication
  • T1548.006 - TCC Manipulation
  • T1114 - Email Collection
  • T1193 - Spearphishing Attachment
  • T1016.002 - Wi-Fi Discovery
Link to MITRE →

Mustang Panda

Score: 0.57
Matched TTPs:
  • T1102.003 - One-Way Communication
  • T1548.006 - TCC Manipulation
  • T1556 - Modify Authentication Process
  • T1055.005 - Thread Local Storage
  • T1526 - Cloud Service Discovery
Link to MITRE →

Related CVEs

No CVEs were found for this Pulse.
