Trusted Design

Targets Middle Eastern Telecommunications Companies

Summary

Researchers observed additional activity associated with suspected Iran-based Threat Group-2889[1] (TG-2889) that confirms prior analysis of the group's use of LinkedIn to target victims and its interest in Middle Eastern telecommunications companies. CTU™ researchers also uncovered the use of a remote access trojan (RAT) called Helminth that has similarities to other tools used by TG-2889. CTU researchers assess with high confidence that TG-2889 is associated with Iranian government-directed cyber operations. Although the observed activity does not appear to target Western organizations, SecureWorks clients should review the group's tactics, techniques, and procedures (TTPs) and implement defenses against these types of attacks.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Kimsuky

Score: 40.99
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1036.007 - Double File Extension
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1593.001 - Social Media
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

Sea Turtle

Score: 9.07
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1199 - Trusted Relationship
  • T1566 - Phishing

Ember Bear

Score: 9.76
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1560 - Archive Collected Data

Indrik Spider

Score: 9.30
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1590 - Gather Victim Network Information
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

Agrius

Score: 4.68
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1021.001 - Remote Desktop Protocol

Contagious Interview

Score: 24.73
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1681 - Search Threat Vendor Data
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Sandworm Team

Score: 31.17
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Star Blizzard

Score: 12.40
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1598.003 - Spearphishing Link
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains

Volt Typhoon

Score: 40.42
Matched TTPs:
  • T1592 - Gather Victim Host Information
  • T1584.008 - Network Devices
  • T1594 - Search Victim-Owned Websites
  • T1590.004 - Network Topology
  • T1590.006 - Network Security Appliances
  • T1591 - Gather Victim Org Information
  • T1590 - Gather Victim Network Information
  • T1593 - Search Open Websites/Domains
  • T1591.004 - Identify Roles
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1596.005 - Scan Databases

LAPSUS$

Score: 18.88
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1598.004 - Spearphishing Voice
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1591.004 - Identify Roles

Andariel

Score: 8.47
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1592.002 - Software
  • T1105 - Ingress Tool Transfer

Magic Hound

Score: 25.40
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1592.002 - Software
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1591.001 - Determine Physical Locations
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 17.76
Matched TTPs:
  • T1590.005 - IP Addresses
  • T1592.004 - Client Configurations
  • T1583.006 - Web Services
  • T1590 - Gather Victim Network Information
  • T1199 - Trusted Relationship
  • T1105 - Ingress Tool Transfer

Mustang Panda

Score: 22.70
Matched TTPs:
  • T1036.007 - Double File Extension
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1678 - Delay Execution
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1204.001 - Malicious Link

APT28

Score: 38.30
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1557.004 - Evil Twin
  • T1560 - Archive Collected Data
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1669 - Wi-Fi Networks

ZIRCONIUM

Score: 16.07
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Leviathan

Score: 12.74
Matched TTPs:
  • T1584.008 - Network Devices
  • T1560 - Archive Collected Data
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

Mustard Tempest

Score: 11.21
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.006 - SEO Poisoning
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Silent Librarian

Score: 5.74
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link

EXOTIC LILY

Score: 15.55
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1597 - Search Closed Sources
  • T1593.001 - Social Media
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

TA578

Score: 6.66
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

Sidewinder

Score: 8.22
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1598.002 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Scattered Spider

Score: 21.13
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1598 - Phishing for Information
  • T1556.009 - Conditional Access Policies
  • T1538 - Cloud Service Dashboard
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

APT32

Score: 11.95
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1560 - Archive Collected Data
  • T1583.006 - Web Services
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Moonstone Sleet

Score: 12.48
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 8.60
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 14.94
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1560 - Archive Collected Data
  • T1591.002 - Business Relationships
  • T1598.002 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

Patchwork

Score: 8.83
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1560 - Archive Collected Data
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

Salt Typhoon

Score: 3.84
Matched TTPs:
  • T1590.004 - Network Topology

FIN13

Score: 6.27
Matched TTPs:
  • T1590.004 - Network Topology
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

Medusa Group

Score: 8.57
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

Threat Group-3390

Score: 7.66
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1199 - Trusted Relationship
  • T1105 - Ingress Tool Transfer

Axiom

Score: 12.06
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1566 - Phishing
  • T1021.001 - Remote Desktop Protocol
  • T1001.002 - Steganography

BlackByte

Score: 5.02
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

Lazarus Group

Score: 22.81
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1027.007 - Dynamic API Resolution
  • T1021.001 - Remote Desktop Protocol
  • T1008 - Fallback Channels
  • T1566.003 - Spearphishing via Service

FIN6

Score: 6.76
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1021.001 - Remote Desktop Protocol
  • T1566.003 - Spearphishing via Service

LuminousMoth

Score: 4.73
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Ke3chang

Score: 3.37
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1105 - Ingress Tool Transfer

menuPass

Score: 7.76
Matched TTPs:
  • T1560 - Archive Collected Data
  • T1199 - Trusted Relationship
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

UNC3886

Score: 7.57
Matched TTPs:
  • T1681 - Search Threat Vendor Data
  • T1008 - Fallback Channels

Earth Lusca

Score: 6.99
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1204.001 - Malicious Link

Turla

Score: 10.17
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

MuddyWater

Score: 6.55
Matched TTPs:
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

APT29

Score: 9.42
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

FIN7

Score: 18.54
Matched TTPs:
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link
  • T1008 - Fallback Channels

Confucius

Score: 4.15
Matched TTPs:
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Gamaredon Group

Score: 6.55
Matched TTPs:
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Saint Bear

Score: 3.37
Matched TTPs:
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link

POLONIUM

Score: 7.16
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1102.002 - Bidirectional Communication

TA2541

Score: 4.15
Matched TTPs:
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

LazyScripter

Score: 4.15
Matched TTPs:
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

SideCopy

Score: 4.40
Matched TTPs:
  • T1598.002 - Spearphishing Attachment
  • T1105 - Ingress Tool Transfer

APT33

Score: 6.27
Matched TTPs:
  • T1552.006 - Group Policy Preferences
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

Wizard Spider

Score: 7.92
Matched TTPs:
  • T1552.006 - Group Policy Preferences
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

GOLD SOUTHFIELD

Score: 6.03
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1566 - Phishing

RedCurl

Score: 4.11
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1204.001 - Malicious Link

INC Ransom

Score: 5.71
Matched TTPs:
  • T1566 - Phishing
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

AppleJeus

Score: 3.29
Matched TTPs:
  • T1566 - Phishing

Winter Vivern

Score: 5.76
Matched TTPs:
  • T1584.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link

TA551

Score: 3.52
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer

Cobalt Group

Score: 6.53
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

Storm-0501

Score: 6.88
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1556.009 - Conditional Access Policies

Blue Mockingbird

Score: 4.39
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1021.001 - Remote Desktop Protocol

WIRTE

Score: 3.52
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer

Storm-1811

Score: 7.84
Matched TTPs:
  • T1566.004 - Spearphishing Voice
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

APT37

Score: 3.17
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

APT39

Score: 6.18
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

HEXANE

Score: 8.44
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol

OilRig

Score: 9.75
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link
  • T1008 - Fallback Channels
  • T1566.003 - Spearphishing via Service

APT41

Score: 10.00
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1596.005 - Scan Databases
  • T1008 - Fallback Channels

FIN8

Score: 3.78
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

Windshift

Score: 4.66
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service

Ajax Security Team

Score: 3.30
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1566.003 - Spearphishing via Service

APT3

Score: 3.78
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1021.001 - Remote Desktop Protocol
  • T1204.001 - Malicious Link

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.84
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583 - Acquire Infrastructure
  • T1591 - Gather Victim Org Information
  • T1594 - Search Victim-Owned Websites
  • T1105 - Ingress Tool Transfer
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1021.001 - Remote Desktop Protocol
  • T1566 - Phishing
  • T1218.010 - Regsvr32
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1036.007 - Double File Extension

Volt Typhoon

Score: 0.83
Matched TTPs:
  • T1596.005 - Scan Databases
  • T1584.008 - Network Devices
  • T1591 - Gather Victim Org Information
  • T1594 - Search Victim-Owned Websites
  • T1105 - Ingress Tool Transfer
  • T1590.004 - Network Topology
  • T1592 - Gather Victim Host Information
  • T1593 - Search Open Websites/Domains
  • T1021.001 - Remote Desktop Protocol
  • T1590 - Gather Victim Network Information
  • T1591.004 - Identify Roles
  • T1590.006 - Network Security Appliances

APT28

Score: 0.80
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1584.008 - Network Devices
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1560 - Archive Collected Data
  • T1498 - Network Denial of Service
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
  • T1669 - Wi-Fi Networks
  • T1102.002 - Bidirectional Communication
  • T1199 - Trusted Relationship
  • T1557.004 - Evil Twin

Sandworm Team

Score: 0.69
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583 - Acquire Infrastructure
  • T1591.002 - Business Relationships
  • T1594 - Search Victim-Owned Websites
  • T1105 - Ingress Tool Transfer
  • T1204.001 - Malicious Link
  • T1593 - Search Open Websites/Domains
  • T1491.002 - External Defacement
  • T1102.002 - Bidirectional Communication
  • T1199 - Trusted Relationship
  • T1592.002 - Software

Magic Hound

Score: 0.60
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1105 - Ingress Tool Transfer
  • T1583.006 - Web Services
  • T1590.005 - IP Addresses
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
  • T1021.001 - Remote Desktop Protocol
  • T1591.001 - Determine Physical Locations
  • T1102.002 - Bidirectional Communication
  • T1592.002 - Software

Contagious Interview

Score: 0.55
Matched TTPs:
  • T1583 - Acquire Infrastructure
  • T1588.007 - Artificial Intelligence
  • T1583.006 - Web Services
  • T1204.001 - Malicious Link
  • T1566.003 - Spearphishing via Service
  • T1593 - Search Open Websites/Domains
  • T1593.001 - Social Media
  • T1681 - Search Threat Vendor Data

Related CVEs

No CVEs were found for this Pulse.
