Trusted Design

CryptXXX: New Ransomware From the Actors Behind Reveton

概要

Proofpoint researchers recently found a previously undocumented ransomware spreading since the end of March through Bedep after infection via the Angler Exploit Kit (EK). Combining our findings with intelligence shared by Frank Ruiz (Fox IT InTELL) lead us to the same conclusion: this project is conducted by the same group that was driving Reveton ransomware operations and is closely tied to Angler/Bedep. Dubbed "CryptXXX", this new ransomware is currently asking a relatively high $500 per computer to unlock encrypted files. Angler is the number one exploit kit by volume, making the potential impact of new ransomware in the hands of experienced actors with access to this vector quite significant.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Angler EK delivers Alpha Crypt Ransomware (score: 0.76)
Analysis of a piece of ransomware in development (CryptoApp) (score: 0.74)
Locky: New Ransomware Mimics Dridex-Style Distribution (score: 0.72)
Targeted ransomware campaign (score: 0.72)
CRYPTOWALL 4 - THE EVOLUTION CONTINUES (score: 0.72)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 19.35

Matched TTPs:

T1583 - Acquire Infrastructure
T1560.003 - Archive via Custom Method
T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool
T1204.001 - Malicious Link
T1680 - Local Storage Discovery
T1588.005 - Exploits

MITREへのリンク →

Sea Turtle

Score: 6.85

Matched TTPs:

T1583 - Acquire Infrastructure
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ember Bear

Score: 13.97

Matched TTPs:

T1583 - Acquire Infrastructure
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Indrik Spider

Score: 5.37

Matched TTPs:

T1583 - Acquire Infrastructure
T1486 - Data Encrypted for Impact

MITREへのリンク →

Agrius

Score: 4.50

Matched TTPs:

T1583 - Acquire Infrastructure
T1190 - Exploit Public-Facing Application

MITREへのリンク →

Contagious Interview

Score: 7.77

Matched TTPs:

T1583 - Acquire Infrastructure
T1657 - Financial Theft
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

Sandworm Team

Score: 14.39

Matched TTPs:

T1583 - Acquire Infrastructure
T1195 - Supply Chain Compromise
T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Star Blizzard

Score: 3.88

Matched TTPs:

T1583 - Acquire Infrastructure
T1588.002 - Tool

MITREへのリンク →

FIN6

Score: 4.00

Matched TTPs:

T1560.003 - Archive via Custom Method
T1588.002 - Tool

MITREへのリンク →

CopyKittens

Score: 4.00

Matched TTPs:

T1560.003 - Archive via Custom Method
T1588.002 - Tool

MITREへのリンク →

Mustang Panda

Score: 6.85

Matched TTPs:

T1560.003 - Archive via Custom Method
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

UNC3886

Score: 6.12

Matched TTPs:

T1560.003 - Archive via Custom Method
T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution

MITREへのリンク →

Lotus Blossom

Score: 4.00

Matched TTPs:

T1560.003 - Archive via Custom Method
T1588.002 - Tool

MITREへのリンク →

Lazarus Group

Score: 8.33

Matched TTPs:

T1560.003 - Archive via Custom Method
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery

MITREへのリンク →

OilRig

Score: 11.17

Matched TTPs:

T1025 - Data from Removable Media
T1195 - Supply Chain Compromise
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Gamaredon Group

Score: 15.17

Matched TTPs:

T1025 - Data from Removable Media
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1221 - Template Injection
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

APT28

Score: 23.36

Matched TTPs:

T1025 - Data from Removable Media
T1190 - Exploit Public-Facing Application
T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution
T1221 - Template Injection
T1204.001 - Malicious Link
T1669 - Wi-Fi Networks

MITREへのリンク →

Turla

Score: 5.83

Matched TTPs:

T1025 - Data from Removable Media
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

Threat Group-3390

Score: 6.96

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1027.015 - Compression

MITREへのリンク →

FIN7

Score: 6.02

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1204.001 - Malicious Link

MITREへのリンク →

Volt Typhoon

Score: 5.15

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1680 - Local Storage Discovery

MITREへのリンク →

FIN13

Score: 9.38

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool
T1565 - Data Manipulation

MITREへのリンク →

BlackTech

Score: 5.17

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Magic Hound

Score: 6.02

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1204.001 - Malicious Link

MITREへのリンク →

Medusa Group

Score: 16.26

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1650 - Acquire Access
T1218.014 - MMC

MITREへのリンク →

Storm-0501

Score: 6.33

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Fox Kitten

Score: 4.50

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1039 - Data from Network Shared Drive

MITREへのリンク →

Cinnamon Tempest

Score: 4.84

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

BlackByte

Score: 3.81

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1486 - Data Encrypted for Impact

MITREへのリンク →

menuPass

Score: 5.35

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1039 - Data from Network Shared Drive

MITREへのリンク →

ToddyCat

Score: 4.30

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1680 - Local Storage Discovery

MITREへのリンク →

Earth Lusca

Score: 3.68

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

APT29

Score: 5.17

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Leviathan

Score: 7.47

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

INC Ransom

Score: 7.18

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool
T1486 - Data Encrypted for Impact

MITREへのリンク →

Dragonfly

Score: 6.96

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1221 - Template Injection

MITREへのリンク →

APT41

Score: 6.15

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1203 - Exploitation for Client Execution

MITREへのリンク →

Play

Score: 4.84

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1657 - Financial Theft
T1588.002 - Tool

MITREへのリンク →

MuddyWater

Score: 5.17

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

APT39

Score: 3.68

Matched TTPs:

T1190 - Exploit Public-Facing Application
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

Akira

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

Scattered Spider

Score: 5.71

Matched TTPs:

T1657 - Financial Theft
T1588.002 - Tool
T1486 - Data Encrypted for Impact

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1486 - Data Encrypted for Impact

MITREへのリンク →

APT33

Score: 7.83

Matched TTPs:

T1552.006 - Group Policy Preferences
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Wizard Spider

Score: 6.34

Matched TTPs:

T1552.006 - Group Policy Preferences
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

CURIUM

Score: 3.84

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol

MITREへのリンク →

Storm-1811

Score: 7.03

Matched TTPs:

T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1588.002 - Tool
T1486 - Data Encrypted for Impact

MITREへのリンク →

Inception

Score: 5.49

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1221 - Template Injection

MITREへのリンク →

BRONZE BUTLER

Score: 5.38

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1203 - Exploitation for Client Execution

MITREへのリンク →

FIN8

Score: 4.55

Matched TTPs:

T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1204.001 - Malicious Link

MITREへのリンク →

TA505

Score: 4.55

Matched TTPs:

T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1204.001 - Malicious Link

MITREへのリンク →

TA2541

Score: 5.36

Matched TTPs:

T1588.002 - Tool
T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Patchwork

Score: 6.54

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link
T1680 - Local Storage Discovery

MITREへのリンク →

Cobalt Group

Score: 3.70

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

APT38

Score: 4.55

Matched TTPs:

T1588.002 - Tool
T1486 - Data Encrypted for Impact
T1204.001 - Malicious Link

MITREへのリンク →

APT32

Score: 3.70

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1204.001 - Malicious Link

MITREへのリンク →

Chimera

Score: 6.72

Matched TTPs:

T1588.002 - Tool
T1039 - Data from Network Shared Drive
T1680 - Local Storage Discovery

MITREへのリンク →

DarkHydrus

Score: 4.00

Matched TTPs:

T1588.002 - Tool
T1221 - Template Injection

MITREへのリンク →

RedCurl

Score: 4.39

Matched TTPs:

T1039 - Data from Network Shared Drive
T1204.001 - Malicious Link

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Confucius

Score: 8.84

Matched TTPs:

T1203 - Exploitation for Client Execution
T1221 - Template Injection
T1204.001 - Malicious Link
T1680 - Local Storage Discovery

MITREへのリンク →

Higaisa

Score: 7.48

Matched TTPs:

T1203 - Exploitation for Client Execution
T1680 - Local Storage Discovery
T1027.015 - Compression

MITREへのリンク →

Tropic Trooper

Score: 7.48

Matched TTPs:

T1203 - Exploitation for Client Execution
T1221 - Template Injection
T1680 - Local Storage Discovery

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Mustard Tempest

Score: 5.90

Matched TTPs:

T1608.006 - SEO Poisoning
T1204.001 - Malicious Link

MITREへのリンク →

Molerats

Score: 4.51

Matched TTPs:

T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

Mofang

Score: 4.51

Matched TTPs:

T1204.001 - Malicious Link
T1027.015 - Compression

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.81

Matched TTPs:

T1221 - Template Injection
T1025 - Data from Removable Media
T1048.002 - Exfiltration Over Asymmetric Encrypted Non-C2 Protocol
T1039 - Data from Network Shared Drive
T1588.002 - Tool
T1190 - Exploit Public-Facing Application
T1204.001 - Malicious Link
T1669 - Wi-Fi Networks
T1203 - Exploitation for Client Execution

MITREへのリンク →

Kimsuky

Score: 0.67

Matched TTPs:

T1657 - Financial Theft
T1560.003 - Archive via Custom Method
T1583 - Acquire Infrastructure
T1680 - Local Storage Discovery
T1588.005 - Exploits
T1588.002 - Tool
T1190 - Exploit Public-Facing Application
T1204.001 - Malicious Link

MITREへのリンク →

Medusa Group

Score: 0.65

Matched TTPs:

T1657 - Financial Theft
T1650 - Acquire Access
T1588.002 - Tool
T1190 - Exploit Public-Facing Application
T1218.014 - MMC
T1486 - Data Encrypted for Impact

MITREへのリンク →

Gamaredon Group

Score: 0.55

Matched TTPs:

T1221 - Template Injection
T1025 - Data from Removable Media
T1039 - Data from Network Shared Drive
T1027.015 - Compression
T1588.002 - Tool
T1204.001 - Malicious Link

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る