Trusted Design

Jaku Analysis of a Botnet Campaign

Summary

JAKU is the name given to the investigation, surveillance and analysis, by the Forcepoint Special Investigations team, of an on-going botnet campaign. This paper examines how the JAKU botnets are constructed and identifies their characteristics, and in the case of the targeted attacks, how they differ from the scattergun attacks of broader botnet activities. This study also highlights the consequences that Internet users who disregard copyrights and digital rights may face.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Contagious Interview

Score: 14.33
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1566.003 - Spearphishing via Service

Ember Bear

Score: 5.63
Matched TTPs:
  • T1491.002 - External Defacement
  • T1203 - Exploitation for Client Execution

Sandworm Team

Score: 16.96
Matched TTPs:
  • T1491.002 - External Defacement
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains
  • T1203 - Exploitation for Client Execution

Sidewinder

Score: 3.95
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution

Mustang Panda

Score: 18.43
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1678 - Delay Execution
  • T1203 - Exploitation for Client Execution
  • T1564.001 - Hidden Files and Directories

ZIRCONIUM

Score: 6.57
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services

APT32

Score: 17.21
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories

Kimsuky

Score: 19.11
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1593.002 - Search Engines
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1218.010 - Regsvr32

Magic Hound

Score: 10.85
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

APT28

Score: 19.07
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token

Star Blizzard

Score: 7.72
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1593 - Search Open Websites/Domains

Moonstone Sleet

Score: 6.95
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 10.37
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 5.72
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Patchwork

Score: 5.72
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

HAFNIUM

Score: 16.28
Matched TTPs:
  • T1583.005 - Botnet
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token

APT5

Score: 3.84
Matched TTPs:
  • T1583.005 - Botnet

Ke3chang

Score: 7.28
Matched TTPs:
  • T1583.005 - Botnet
  • T1036.002 - Right-to-Left Override

TA2541

Score: 3.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

Earth Lusca

Score: 9.37
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

LuminousMoth

Score: 4.64
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1564.001 - Hidden Files and Directories

Mustard Tempest

Score: 3.74
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise

OilRig

Score: 5.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

LazyScripter

Score: 3.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

Gamaredon Group

Score: 3.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services

Threat Group-3390

Score: 5.23
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

BITTER

Score: 5.56
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution

Saint Bear

Score: 5.48
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

FIN7

Score: 8.75
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories

EXOTIC LILY

Score: 5.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service

Ferocious Kitten

Score: 3.44
Matched TTPs:
  • T1036.002 - Right-to-Left Override

BlackTech

Score: 4.93
Matched TTPs:
  • T1036.002 - Right-to-Left Override
  • T1203 - Exploitation for Client Execution

Scarlet Mimic

Score: 3.44
Matched TTPs:
  • T1036.002 - Right-to-Left Override

BRONZE BUTLER

Score: 6.70
Matched TTPs:
  • T1036.002 - Right-to-Left Override
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

FIN13

Score: 4.76
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1564.001 - Hidden Files and Directories

Winter Vivern

Score: 7.48
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

FIN6

Score: 4.62
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1566.003 - Spearphishing via Service

PROMETHIUM

Score: 7.99
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1205.001 - Port Knocking
  • T1189 - Drive-by Compromise

UNC3886

Score: 7.72
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1205.001 - Port Knocking
  • T1203 - Exploitation for Client Execution

Higaisa

Score: 3.59
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution

Lazarus Group

Score: 12.56
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories
  • T1566.003 - Spearphishing via Service

Storm-0501

Score: 4.84
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1218.010 - Regsvr32

APT41

Score: 3.59
Matched TTPs:
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution

Axiom

Score: 6.88
Matched TTPs:
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Volt Typhoon

Score: 6.91
Matched TTPs:
  • T1584.005 - Botnet
  • T1593 - Search Open Websites/Domains

Turla

Score: 7.40
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

MuddyWater

Score: 3.51
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

APT29

Score: 10.57
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1562.008 - Disable or Modify Cloud Logs
  • T1566.003 - Spearphishing via Service

Confucius

Score: 3.51
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

Cobalt Group

Score: 4.24
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution

Leviathan

Score: 6.01
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Inception

Score: 4.24
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution

APT19

Score: 4.51
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

Andariel

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

APT37

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Sea Turtle

Score: 6.03
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1608.003 - Install Digital Certificate

Transparent Tribe

Score: 5.92
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories

Tropic Trooper

Score: 4.16
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1564.001 - Hidden Files and Directories

Elderwood

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Darkhotel

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Windshift

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.80
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1593.002 - Search Engines
  • T1608.001 - Upload Malware
  • T1036.004 - Masquerade Task or Service
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains

APT28

Score: 0.80
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1550.001 - Application Access Token
  • T1498 - Network Denial of Service

Mustang Panda

Score: 0.79
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1678 - Delay Execution
  • T1564.001 - Hidden Files and Directories
  • T1203 - Exploitation for Client Execution
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains

Sandworm Team

Score: 0.73
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution
  • T1598.003 - Spearphishing Link
  • T1593 - Search Open Websites/Domains
  • T1491.002 - External Defacement

APT32

Score: 0.71
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1608.001 - Upload Malware
  • T1564.001 - Hidden Files and Directories
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1189 - Drive-by Compromise

HAFNIUM

Score: 0.69
Matched TTPs:
  • T1583.005 - Botnet
  • T1584.005 - Botnet
  • T1564.001 - Hidden Files and Directories
  • T1583.006 - Web Services
  • T1550.001 - Application Access Token

Contagious Interview

Score: 0.60
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1608.001 - Upload Malware
  • T1566.003 - Spearphishing via Service
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains

Lazarus Group

Score: 0.55
Matched TTPs:
  • T1564.001 - Hidden Files and Directories
  • T1036.004 - Masquerade Task or Service
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1583.006 - Web Services
  • T1566.003 - Spearphishing via Service

Related CVEs

No CVEs were found for this Pulse.
