Trusted Design

Bitter Sweet: Supporters of Mexico’s Soda Tax Targeted With NSO Exploit Links

概要

This report describes an espionage operation using government-exclusive spyware to target a Mexican government food scientists and two public health advocates. The operation used spyware made by the NSO Group, an Israeli company that sells intrusion tools to remotely compromise mobile phones. On August 25, 2016, the Citizen Lab published a report showing that NSO’s technology was used to target Ahmed Mansoor, a UAE-based human rights defender, as well as identifying targeting in Mexico. Mexico has previously confirmed that it is a purchaser of NSO Group’s spyware.

Created: 2026-02-23

Indicators

類似Pulses

Investigation Into Mexican Mass Disappearance Targeted with NSO Spyware (score: 0.73)
Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware - The Citizen Lab (score: 0.72)
Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware (score: 0.71)
Lawyers For Murdered Mexican Women’s Families Targeted with NSO Spyware (score: 0.70)
NSO-powered Campaign (score: 0.64)

このPulseに関連する脅威アクター (事実ベース)

Gamaredon Group

Score: 7.14

Matched TTPs:

T1021.005 - VNC
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

FIN7

Score: 8.85

Matched TTPs:

T1021.005 - VNC
T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

GCMAN

Score: 3.62

Matched TTPs:

T1021.005 - VNC

MITREへのリンク →

Fox Kitten

Score: 6.05

Matched TTPs:

T1021.005 - VNC
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

MuddyWater

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

LuminousMoth

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Confucius

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Kimsuky

Score: 13.67

Matched TTPs:

T1566.002 - Spearphishing Link
T1219.002 - Remote Desktop Software
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1588.005 - Exploits

MITREへのリンク →

Sidewinder

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Elderwood

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Mustard Tempest

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Sandworm Team

Score: 7.80

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.004 - File Deletion
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Evilnum

Score: 7.89

Matched TTPs:

T1566.002 - Spearphishing Link
T1219.002 - Remote Desktop Software
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Mustang Panda

Score: 7.89

Matched TTPs:

T1566.002 - Spearphishing Link
T1219.002 - Remote Desktop Software
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

FIN8

Score: 9.36

Matched TTPs:

T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

APT32

Score: 8.81

Matched TTPs:

T1566.002 - Spearphishing Link
T1550.003 - Pass the Ticket
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

APT3

Score: 6.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

APT1

Score: 3.09

Matched TTPs:

T1566.002 - Spearphishing Link
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Lazarus Group

Score: 10.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.004 - File Deletion
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1566.003 - Spearphishing via Service

MITREへのリンク →

Leviathan

Score: 8.06

Matched TTPs:

T1566.002 - Spearphishing Link
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

APT33

Score: 7.72

Matched TTPs:

T1566.002 - Spearphishing Link
T1552.006 - Group Policy Preferences
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

ZIRCONIUM

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

EXOTIC LILY

Score: 5.33

Matched TTPs:

T1566.002 - Spearphishing Link
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Molerats

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Magic Hound

Score: 9.14

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

OilRig

Score: 11.88

Matched TTPs:

T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Windshift

Score: 6.11

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Cobalt Group

Score: 9.36

Matched TTPs:

T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

APT29

Score: 11.33

Matched TTPs:

T1566.002 - Spearphishing Link
T1550.003 - Pass the Ticket
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

TA2541

Score: 6.33

Matched TTPs:

T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Earth Lusca

Score: 5.64

Matched TTPs:

T1566.002 - Spearphishing Link
T1584.004 - Server
T1204.001 - Malicious Link

MITREへのリンク →

RedCurl

Score: 6.93

Matched TTPs:

T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1204.001 - Malicious Link

MITREへのリンク →

Storm-1811

Score: 7.68

Matched TTPs:

T1566.002 - Spearphishing Link
T1219.002 - Remote Desktop Software
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Turla

Score: 6.42

Matched TTPs:

T1566.002 - Spearphishing Link
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Wizard Spider

Score: 10.74

Matched TTPs:

T1566.002 - Spearphishing Link
T1552.006 - Group Policy Preferences
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

Patchwork

Score: 6.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

TA505

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

LazyScripter

Score: 3.58

Matched TTPs:

T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

APT42

Score: 4.19

Matched TTPs:

T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

APT39

Score: 6.61

Matched TTPs:

T1566.002 - Spearphishing Link
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

Medusa Group

Score: 10.68

Matched TTPs:

T1608.002 - Upload Tool
T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Threat Group-3390

Score: 6.29

Matched TTPs:

T1608.002 - Upload Tool
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer

MITREへのリンク →

BRONZE BUTLER

Score: 6.00

Matched TTPs:

T1550.003 - Pass the Ticket
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer

MITREへのリンク →

Tropic Trooper

Score: 4.90

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN6

Score: 8.30

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1021.001 - Remote Desktop Protocol
T1566.003 - Spearphishing via Service

MITREへのリンク →

Contagious Interview

Score: 8.19

Matched TTPs:

T1219.002 - Remote Desktop Software
T1070.004 - File Deletion
T1204.001 - Malicious Link
T1566.003 - Spearphishing via Service

MITREへのリンク →

Scattered Spider

Score: 5.35

Matched TTPs:

T1219.002 - Remote Desktop Software
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Aquatic Panda

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

FIN10

Score: 3.03

Matched TTPs:

T1070.004 - File Deletion
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

menuPass

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT38

Score: 3.52

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

BlackByte

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Ember Bear

Score: 5.51

Matched TTPs:

T1070.004 - File Deletion
T1588.005 - Exploits

MITREへのリンク →

APT41

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT28

Score: 3.52

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Dragonfly

Score: 6.64

Matched TTPs:

T1070.004 - File Deletion
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT5

Score: 3.03

Matched TTPs:

T1070.004 - File Deletion
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Chimera

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Volt Typhoon

Score: 6.64

Matched TTPs:

T1070.004 - File Deletion
T1584.004 - Server
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

INC Ransom

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Silence

Score: 3.81

Matched TTPs:

T1070.004 - File Deletion
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Daggerfly

Score: 4.97

Matched TTPs:

T1584.004 - Server
T1105 - Ingress Tool Transfer
T1204.001 - Malicious Link

MITREへのリンク →

Indrik Spider

Score: 5.26

Matched TTPs:

T1584.004 - Server
T1105 - Ingress Tool Transfer
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Moonstone Sleet

Score: 3.30

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Ajax Security Team

Score: 3.30

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Axiom

Score: 6.19

Matched TTPs:

T1021.001 - Remote Desktop Protocol
T1001.002 - Steganography

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.81

Matched TTPs:

T1105 - Ingress Tool Transfer
T1588.005 - Exploits
T1566.002 - Spearphishing Link
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1070.004 - File Deletion
T1219.002 - Remote Desktop Software

MITREへのリンク →

OilRig

Score: 0.74

Matched TTPs:

T1566.003 - Spearphishing via Service
T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1070.004 - File Deletion

MITREへのリンク →

APT29

Score: 0.69

Matched TTPs:

T1566.003 - Spearphishing via Service
T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1550.003 - Pass the Ticket
T1204.001 - Malicious Link
T1070.004 - File Deletion

MITREへのリンク →

Medusa Group

Score: 0.67

Matched TTPs:

T1608.002 - Upload Tool
T1105 - Ingress Tool Transfer
T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol
T1070.004 - File Deletion

MITREへのリンク →

Wizard Spider

Score: 0.66

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1070.004 - File Deletion
T1552.006 - Group Policy Preferences

MITREへのリンク →

Lazarus Group

Score: 0.66

Matched TTPs:

T1566.003 - Spearphishing via Service
T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1021.001 - Remote Desktop Protocol
T1070.004 - File Deletion
T1584.004 - Server

MITREへのリンク →

FIN8

Score: 0.63

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1070.004 - File Deletion

MITREへのリンク →

FIN7

Score: 0.61

Matched TTPs:

T1021.005 - VNC
T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link

MITREへのリンク →

Cobalt Group

Score: 0.61

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1573.002 - Asymmetric Cryptography
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1070.004 - File Deletion

MITREへのリンク →

Magic Hound

Score: 0.59

Matched TTPs:

T1566.003 - Spearphishing via Service
T1105 - Ingress Tool Transfer
T1566.002 - Spearphishing Link
T1021.001 - Remote Desktop Protocol
T1204.001 - Malicious Link
T1070.004 - File Deletion

MITREへのリンク →

FIN6

Score: 0.56

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1070.004 - File Deletion
T1566.003 - Spearphishing via Service
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る