Trusted Design

Bitter Sweet: Supporters of Mexico’s Soda Tax Targeted With NSO Exploit Links

概要

This report describes an espionage operation using government-exclusive spyware to target a Mexican government food scientists and two public health advocates. The operation used spyware made by the NSO Group, an Israeli company that sells intrusion tools to remotely compromise mobile phones. On August 25, 2016, the Citizen Lab published a report showing that NSO’s technology was used to target Ahmed Mansoor, a UAE-based human rights defender, as well as identifying targeting in Mexico. Mexico has previously confirmed that it is a purchaser of NSO Group’s spyware.

Created: 2026-02-23

Indicators

類似Pulses

Investigation Into Mexican Mass Disappearance Targeted with NSO Spyware (score: 0.73)
Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware - The Citizen Lab (score: 0.72)
Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware (score: 0.71)
Lawyers For Murdered Mexican Women’s Families Targeted with NSO Spyware (score: 0.70)
NSO-powered Campaign (score: 0.64)

このPulseに関連する脅威アクター (事実ベース)

Gamaredon Group

Score: 7.14

Matched TTPs:

T1021.005 - VNC
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN7

Score: 8.85

Matched TTPs:

T1021.005 - VNC
T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

GCMAN

Score: 3.62

Matched TTPs:

T1021.005 - VNC

MITREへのリンク →

Fox Kitten

Score: 6.05

Matched TTPs:

T1021.005 - VNC
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

MuddyWater

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

LuminousMoth

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Confucius

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Kimsuky

Score: 13.67

Matched TTPs:

T1543.003 - Windows Service
T1565.002 - Transmitted Data Manipulation
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode
T1003.003 - NTDS

MITREへのリンク →

Sidewinder

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Elderwood

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Mustard Tempest

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Sandworm Team

Score: 7.80

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Evilnum

Score: 7.89

Matched TTPs:

T1543.003 - Windows Service
T1565.002 - Transmitted Data Manipulation
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Mustang Panda

Score: 7.89

Matched TTPs:

T1543.003 - Windows Service
T1565.002 - Transmitted Data Manipulation
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN8

Score: 9.36

Matched TTPs:

T1543.003 - Windows Service
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

APT32

Score: 8.81

Matched TTPs:

T1543.003 - Windows Service
T1592.004 - Client Configurations
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

APT3

Score: 6.61

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

APT1

Score: 3.09

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion

MITREへのリンク →

Lazarus Group

Score: 10.61

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1547.008 - LSASS Driver

MITREへのリンク →

Leviathan

Score: 8.06

Matched TTPs:

T1543.003 - Windows Service
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

APT33

Score: 7.72

Matched TTPs:

T1543.003 - Windows Service
T1567.001 - Exfiltration to Code Repository
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

ZIRCONIUM

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

EXOTIC LILY

Score: 5.33

Matched TTPs:

T1543.003 - Windows Service
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

Molerats

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Magic Hound

Score: 9.14

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

OilRig

Score: 11.88

Matched TTPs:

T1543.003 - Windows Service
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

Windshift

Score: 6.11

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

Cobalt Group

Score: 9.36

Matched TTPs:

T1543.003 - Windows Service
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

APT29

Score: 11.33

Matched TTPs:

T1543.003 - Windows Service
T1592.004 - Client Configurations
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

TA2541

Score: 6.33

Matched TTPs:

T1543.003 - Windows Service
T1128 - Netsh Helper DLL
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Earth Lusca

Score: 5.64

Matched TTPs:

T1543.003 - Windows Service
T1546.016 - Installer Packages
T1027.018 - Invisible Unicode

MITREへのリンク →

RedCurl

Score: 6.93

Matched TTPs:

T1543.003 - Windows Service
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1027.018 - Invisible Unicode

MITREへのリンク →

Storm-1811

Score: 7.68

Matched TTPs:

T1543.003 - Windows Service
T1565.002 - Transmitted Data Manipulation
T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

Turla

Score: 6.42

Matched TTPs:

T1543.003 - Windows Service
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Wizard Spider

Score: 10.74

Matched TTPs:

T1543.003 - Windows Service
T1567.001 - Exfiltration to Code Repository
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

Patchwork

Score: 6.61

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

TA505

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

LazyScripter

Score: 3.58

Matched TTPs:

T1543.003 - Windows Service
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

APT42

Score: 4.19

Matched TTPs:

T1543.003 - Windows Service
T1128 - Netsh Helper DLL

MITREへのリンク →

APT39

Score: 6.61

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion
T1027.018 - Invisible Unicode

MITREへのリンク →

Medusa Group

Score: 10.68

Matched TTPs:

T1218.003 - CMSTP
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Threat Group-3390

Score: 6.29

Matched TTPs:

T1218.003 - CMSTP
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries

MITREへのリンク →

BRONZE BUTLER

Score: 6.00

Matched TTPs:

T1592.004 - Client Configurations
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries

MITREへのリンク →

Tropic Trooper

Score: 4.90

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries

MITREへのリンク →

FIN6

Score: 8.30

Matched TTPs:

T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence
T1622 - Debugger Evasion
T1547.008 - LSASS Driver

MITREへのリンク →

Contagious Interview

Score: 8.19

Matched TTPs:

T1565.002 - Transmitted Data Manipulation
T1070.009 - Clear Persistence
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

Scattered Spider

Score: 5.35

Matched TTPs:

T1565.002 - Transmitted Data Manipulation
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Aquatic Panda

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

FIN10

Score: 3.03

Matched TTPs:

T1070.009 - Clear Persistence
T1622 - Debugger Evasion

MITREへのリンク →

menuPass

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

APT38

Score: 3.52

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

BlackByte

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Ember Bear

Score: 5.51

Matched TTPs:

T1070.009 - Clear Persistence
T1003.003 - NTDS

MITREへのリンク →

APT41

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

APT28

Score: 3.52

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Dragonfly

Score: 6.64

Matched TTPs:

T1070.009 - Clear Persistence
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

APT5

Score: 3.03

Matched TTPs:

T1070.009 - Clear Persistence
T1622 - Debugger Evasion

MITREへのリンク →

Chimera

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Volt Typhoon

Score: 6.64

Matched TTPs:

T1070.009 - Clear Persistence
T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

INC Ransom

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Silence

Score: 3.81

Matched TTPs:

T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Daggerfly

Score: 4.97

Matched TTPs:

T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Indrik Spider

Score: 5.26

Matched TTPs:

T1546.016 - Installer Packages
T1547.013 - XDG Autostart Entries
T1622 - Debugger Evasion

MITREへのリンク →

Moonstone Sleet

Score: 3.30

Matched TTPs:

T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

Ajax Security Team

Score: 3.30

Matched TTPs:

T1547.013 - XDG Autostart Entries
T1547.008 - LSASS Driver

MITREへのリンク →

Axiom

Score: 6.19

Matched TTPs:

T1622 - Debugger Evasion
T1160 - Launch Daemon

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.81

Matched TTPs:

T1543.003 - Windows Service
T1565.002 - Transmitted Data Manipulation
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1003.003 - NTDS
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

OilRig

Score: 0.74

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1128 - Netsh Helper DLL
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

APT29

Score: 0.69

Matched TTPs:

T1543.003 - Windows Service
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver
T1592.004 - Client Configurations

MITREへのリンク →

Medusa Group

Score: 0.67

Matched TTPs:

T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1128 - Netsh Helper DLL
T1547.013 - XDG Autostart Entries
T1218.003 - CMSTP

MITREへのリンク →

Wizard Spider

Score: 0.66

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode
T1567.001 - Exfiltration to Code Repository

MITREへのリンク →

Lazarus Group

Score: 0.66

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1547.008 - LSASS Driver
T1547.013 - XDG Autostart Entries
T1546.016 - Installer Packages

MITREへのリンク →

FIN8

Score: 0.63

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1128 - Netsh Helper DLL
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN7

Score: 0.61

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1021.005 - VNC
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Cobalt Group

Score: 0.61

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1128 - Netsh Helper DLL
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode

MITREへのリンク →

Magic Hound

Score: 0.59

Matched TTPs:

T1543.003 - Windows Service
T1622 - Debugger Evasion
T1070.009 - Clear Persistence
T1547.013 - XDG Autostart Entries
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

FIN6

Score: 0.56

Matched TTPs:

T1547.008 - LSASS Driver
T1622 - Debugger Evasion
T1128 - Netsh Helper DLL
T1070.009 - Clear Persistence

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る