Trusted Design

Threat Spotlight: Group 72 Opening the ZxShell (2014)

Overview

Recently, there was a blog post on the takedown of a botnet used by the threat actor group known as Group 72 and their involvement in Operation SMN. This group is sophisticated, well funded, and exclusively targets high-profile organizations with high-value intellectual property in the manufacturing, industrial, aerospace, defense, and media sectors. The primary attack vectors are watering-hole, spear phishing, and other web-based attacks.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

LAPSUS$

Score: 14.75
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1591.004 - Identify Roles

Ember Bear

Score: 4.13
Matched TTPs:
  • T1491.002 - External Defacement

Sandworm Team

Score: 25.71
Matched TTPs:
  • T1491.002 - External Defacement
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1591.002 - Business Relationships
  • T1584.005 - Botnet
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts

Silent Librarian

Score: 5.74
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link

Kimsuky

Score: 23.95
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1598 - Phishing for Information

Volt Typhoon

Score: 17.10
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains
  • T1591.004 - Identify Roles

EXOTIC LILY

Score: 11.99
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

TA578

Score: 5.30
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1583.006 - Web Services

Scattered Spider

Score: 8.24
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1585.001 - Social Media Accounts
  • T1598 - Phishing for Information

Mustang Panda

Score: 11.89
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1027.007 - Dynamic API Resolution

ZIRCONIUM

Score: 7.91
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1598 - Phishing for Information

APT32

Score: 6.81
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts

Magic Hound

Score: 9.33
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

APT28

Score: 18.48
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1598 - Phishing for Information
  • T1498 - Network Denial of Service

Star Blizzard

Score: 8.08
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts

Moonstone Sleet

Score: 14.05
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

CURIUM

Score: 10.94
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1584.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1566.003 - Spearphishing via Service

Dragonfly

Score: 6.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1591.002 - Business Relationships

UNC3886

Score: 8.26
Matched TTPs:
  • T1681 - Search Threat Vendor Data
  • T1205.001 - Port Knocking

Contagious Interview

Score: 18.14
Matched TTPs:
  • T1681 - Search Threat Vendor Data
  • T1583.006 - Web Services
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

HAFNIUM

Score: 8.38
Matched TTPs:
  • T1584.005 - Botnet
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship

Axiom

Score: 8.16
Matched TTPs:
  • T1584.005 - Botnet
  • T1001.002 - Steganography

PROMETHIUM

Score: 4.13
Matched TTPs:
  • T1205.001 - Port Knocking

Earth Lusca

Score: 5.63
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services

Medusa Group

Score: 7.10
Matched TTPs:
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1573.002 - Asymmetric Cryptography

Turla

Score: 5.63
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services

APT29

Score: 7.28
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship
  • T1566.003 - Spearphishing via Service

FIN7

Score: 8.92
Matched TTPs:
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1591.004 - Identify Roles

Lazarus Group

Score: 14.29
Matched TTPs:
  • T1583.006 - Web Services
  • T1591 - Gather Victim Org Information
  • T1585.001 - Social Media Accounts
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service

Gamaredon Group

Score: 5.16
Matched TTPs:
  • T1583.006 - Web Services
  • T1027.015 - Compression

POLONIUM

Score: 4.76
Matched TTPs:
  • T1583.006 - Web Services
  • T1199 - Trusted Relationship

TA2541

Score: 7.91
Matched TTPs:
  • T1583.006 - Web Services
  • T1573.002 - Asymmetric Cryptography
  • T1027.015 - Compression

APT33

Score: 4.13
Matched TTPs:
  • T1552.006 - Group Policy Preferences

Wizard Spider

Score: 4.13
Matched TTPs:
  • T1552.006 - Group Policy Preferences

Threat Group-3390

Score: 5.90
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1027.015 - Compression

RedCurl

Score: 5.49
Matched TTPs:
  • T1199 - Trusted Relationship
  • T1573.002 - Asymmetric Cryptography

Winter Vivern

Score: 3.62
Matched TTPs:
  • T1584.006 - Web Services

HEXANE

Score: 5.96
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1591.004 - Identify Roles

Leviathan

Score: 5.49
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1027.015 - Compression

Storm-1811

Score: 7.06
Matched TTPs:
  • T1667 - Email Bombing
  • T1566.003 - Spearphishing via Service

OilRig

Score: 5.27
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service

FIN6

Score: 5.27
Matched TTPs:
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service

Molerats

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Higaisa

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Mofang

Score: 3.15
Matched TTPs:
  • T1027.015 - Compression

Threat actors related to this Pulse (inference-based)

Sandworm Team

Score: 0.85
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1584.005 - Botnet
  • T1491.002 - External Defacement
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship
  • T1593 - Search Open Websites/Domains
  • T1585.001 - Social Media Accounts

Kimsuky

Score: 0.80
Matched TTPs:
  • T1594 - Search Victim-Owned Websites
  • T1598.003 - Spearphishing Link
  • T1593.001 - Social Media
  • T1591 - Gather Victim Org Information
  • T1598 - Phishing for Information
  • T1593 - Search Open Websites/Domains
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts

APT28

Score: 0.65
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1591 - Gather Victim Org Information
  • T1199 - Trusted Relationship
  • T1498 - Network Denial of Service
  • T1598 - Phishing for Information
  • T1583.006 - Web Services

Contagious Interview

Score: 0.61
Matched TTPs:
  • T1593.001 - Social Media
  • T1583.006 - Web Services
  • T1566.003 - Spearphishing via Service
  • T1593 - Search Open Websites/Domains
  • T1681 - Search Threat Vendor Data
  • T1585.001 - Social Media Accounts

Volt Typhoon

Score: 0.59
Matched TTPs:
  • T1591.004 - Identify Roles
  • T1594 - Search Victim-Owned Websites
  • T1584.005 - Botnet
  • T1591 - Gather Victim Org Information
  • T1593 - Search Open Websites/Domains

Lazarus Group

Score: 0.56
Matched TTPs:
  • T1027.007 - Dynamic API Resolution
  • T1566.003 - Spearphishing via Service
  • T1591 - Gather Victim Org Information
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts

LAPSUS$

Score: 0.55
Matched TTPs:
  • T1597.002 - Purchase Technical Data
  • T1591.004 - Identify Roles
  • T1591.002 - Business Relationships
  • T1199 - Trusted Relationship

Related CVEs

No CVEs were found for this Pulse.
