Trusted Design

Callisto Group

概要

The Callisto Group is an advanced threat actor whose known targets include military personnel, government officials, think tanks, and journalists in Europe and the South Caucasus. Their primary interest appears to be gathering intelligence related to foreign and security policy in the Eastern Europe and South Caucasus regions. In October 2015 the Callisto Group targeted a handful of individuals with phishing emails that attempted to obtain the target’s webmail credentials. In early 2016 the Callisto Group began sending highly targeted spear phishing emails with malicious attachments that contained, as their final payload, the “Scout” malware tool from the HackingTeam RCS Galileo platform.

Created: 2026-02-23

Indicators

類似Pulses

Targets Middle Eastern Telecommunications Companies (score: 0.63)
New Attacks Linked to C0d0s0 Group (score: 0.62)
Stealthy Cyberespionage Campaign Attacks With Social Engineering (score: 0.62)
BBSRAT Attacks Targeting Russian Organizations (score: 0.62)
MALWARE POSING AS HUMAN RIGHTS ORGANIZATIONS AND COMMERCIAL SOFTWARE TARGETING IRANIANS AND FOREIGN POLICY INSTITUTIONS (score: 0.62)

このPulseに関連する脅威アクター (事実ベース)

Contagious Interview

Score: 22.86

Matched TTPs:

T1044 - File System Permissions Weakness
T1021.006 - Windows Remote Management
T1552.003 - Shell History
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1690 - Prevent Command History Logging
T1547.008 - LSASS Driver

MITREへのリンク →

Scattered Spider

Score: 19.97

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy
T1560.003 - Archive via Custom Method
T1566.002 - Spearphishing Link
T1019 - System Firmware
T1552.003 - Shell History
T1197 - BITS Jobs

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy

MITREへのリンク →

Ember Bear

Score: 5.63

Matched TTPs:

T1564.008 - Email Hiding Rules
T1218.010 - Regsvr32

MITREへのリンク →

Sandworm Team

Score: 21.46

Matched TTPs:

T1564.008 - Email Hiding Rules
T1566.002 - Spearphishing Link
T1193 - Spearphishing Attachment
T1102.003 - One-Way Communication
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

APT41

Score: 4.78

Matched TTPs:

T1560.003 - Archive via Custom Method
T1218.010 - Regsvr32

MITREへのリンク →

TA505

Score: 3.29

Matched TTPs:

T1560.003 - Archive via Custom Method

MITREへのリンク →

Volt Typhoon

Score: 20.44

Matched TTPs:

T1560.003 - Archive via Custom Method
T1057 - Process Discovery
T1102.003 - One-Way Communication
T1584.002 - DNS Server
T1065 - Uncommonly Used Port
T1665 - Hide Infrastructure

MITREへのリンク →

APT3

Score: 4.78

Matched TTPs:

T1560.003 - Archive via Custom Method
T1218.010 - Regsvr32

MITREへのリンク →

FIN13

Score: 5.81

Matched TTPs:

T1560.003 - Archive via Custom Method
T1552.003 - Shell History

MITREへのリンク →

Sidewinder

Score: 7.57

Matched TTPs:

T1566.002 - Spearphishing Link
T1657 - Financial Theft
T1218.010 - Regsvr32

MITREへのリンク →

Mustang Panda

Score: 13.38

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1218.010 - Regsvr32
T1055.005 - Thread Local Storage

MITREへのリンク →

ZIRCONIUM

Score: 10.31

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1547.002 - Authentication Package
T1197 - BITS Jobs

MITREへのリンク →

APT32

Score: 8.63

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Kimsuky

Score: 35.65

Matched TTPs:

T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1608.005 - Link Target
T1057 - Process Discovery
T1055.014 - VDSO Hijacking
T1102.003 - One-Way Communication
T1562.013 - Disable or Modify Network Device Firewall
T1690 - Prevent Command History Logging
T1547.002 - Authentication Package
T1197 - BITS Jobs
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

Magic Hound

Score: 17.77

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1098.002 - Additional Email Delegate Permissions
T1547.008 - LSASS Driver

MITREへのリンク →

APT28

Score: 19.22

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1057 - Process Discovery
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1197 - BITS Jobs
T1566.003 - Spearphishing via Service

MITREへのリンク →

Star Blizzard

Score: 9.37

Matched TTPs:

T1566.002 - Spearphishing Link
T1657 - Financial Theft
T1102.003 - One-Way Communication

MITREへのリンク →

Moonstone Sleet

Score: 11.71

Matched TTPs:

T1566.002 - Spearphishing Link
T1057 - Process Discovery
T1197 - BITS Jobs
T1547.008 - LSASS Driver

MITREへのリンク →

CURIUM

Score: 4.98

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.008 - LSASS Driver

MITREへのリンク →

Dragonfly

Score: 11.42

Matched TTPs:

T1566.002 - Spearphishing Link
T1193 - Spearphishing Attachment
T1657 - Financial Theft
T1218.010 - Regsvr32

MITREへのリンク →

Patchwork

Score: 6.79

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Medusa Group

Score: 15.95

Matched TTPs:

T1218.003 - CMSTP
T1552.003 - Shell History
T1608.005 - Link Target
T1128 - Netsh Helper DLL
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Threat Group-3390

Score: 5.63

Matched TTPs:

T1218.003 - CMSTP
T1218.010 - Regsvr32

MITREへのリンク →

UNC3886

Score: 5.63

Matched TTPs:

T1021.006 - Windows Remote Management
T1218.010 - Regsvr32

MITREへのリンク →

LAPSUS$

Score: 11.60

Matched TTPs:

T1019 - System Firmware
T1193 - Spearphishing Attachment
T1065 - Uncommonly Used Port

MITREへのリンク →

HAFNIUM

Score: 9.22

Matched TTPs:

T1059 - Command and Scripting Interpreter
T1608.005 - Link Target
T1490 - Inhibit System Recovery

MITREへのリンク →

INC Ransom

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Play

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1490 - Inhibit System Recovery

MITREへのリンク →

Turla

Score: 14.54

Matched TTPs:

T1608.005 - Link Target
T1055.012 - Process Hollowing
T1547.002 - Authentication Package
T1556.009 - Conditional Access Policies
T1490 - Inhibit System Recovery

MITREへのリンク →

MuddyWater

Score: 5.90

Matched TTPs:

T1608.005 - Link Target
T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

APT29

Score: 8.69

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN7

Score: 13.98

Matched TTPs:

T1608.005 - Link Target
T1057 - Process Discovery
T1547.002 - Authentication Package
T1065 - Uncommonly Used Port
T1490 - Inhibit System Recovery

MITREへのリンク →

Lazarus Group

Score: 18.68

Matched TTPs:

T1608.005 - Link Target
T1057 - Process Discovery
T1547.002 - Authentication Package
T1218.010 - Regsvr32
T1055.005 - Thread Local Storage
T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

Confucius

Score: 6.34

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Gamaredon Group

Score: 8.03

Matched TTPs:

T1608.005 - Link Target
T1055.014 - VDSO Hijacking
T1547.002 - Authentication Package

MITREへのリンク →

Saint Bear

Score: 3.51

Matched TTPs:

T1608.005 - Link Target
T1218.010 - Regsvr32

MITREへのリンク →

POLONIUM

Score: 4.41

Matched TTPs:

T1608.005 - Link Target
T1547.002 - Authentication Package

MITREへのリンク →

TA2541

Score: 4.76

Matched TTPs:

T1608.005 - Link Target
T1128 - Netsh Helper DLL

MITREへのリンク →

SideCopy

Score: 7.75

Matched TTPs:

T1657 - Financial Theft
T1584.002 - DNS Server

MITREへのリンク →

APT33

Score: 5.63

Matched TTPs:

T1567.001 - Exfiltration to Code Repository
T1218.010 - Regsvr32

MITREへのリンク →

Wizard Spider

Score: 7.75

Matched TTPs:

T1567.001 - Exfiltration to Code Repository
T1556.009 - Conditional Access Policies

MITREへのリンク →

Leviathan

Score: 5.12

Matched TTPs:

T1055.014 - VDSO Hijacking
T1218.010 - Regsvr32

MITREへのリンク →

HEXANE

Score: 9.64

Matched TTPs:

T1055.014 - VDSO Hijacking
T1547.002 - Authentication Package
T1065 - Uncommonly Used Port

MITREへのリンク →

Sea Turtle

Score: 7.44

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall
T1218.010 - Regsvr32
T1490 - Inhibit System Recovery

MITREへのリンク →

Axiom

Score: 4.78

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall
T1218.010 - Regsvr32

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

OilRig

Score: 14.23

Matched TTPs:

T1055.012 - Process Hollowing
T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1556.009 - Conditional Access Policies
T1547.008 - LSASS Driver

MITREへのリンク →

Chimera

Score: 6.68

Matched TTPs:

T1055.012 - Process Hollowing
T1665 - Hide Infrastructure

MITREへのリンク →

Andariel

Score: 5.34

Matched TTPs:

T1187 - Forced Authentication
T1218.010 - Regsvr32

MITREへのリンク →

Storm-1811

Score: 11.60

Matched TTPs:

T1486 - Data Encrypted for Impact
T1567.003 - Exfiltration to Text Storage Sites
T1547.008 - LSASS Driver

MITREへのリンク →

EXOTIC LILY

Score: 7.86

Matched TTPs:

T1690 - Prevent Command History Logging
T1218.010 - Regsvr32
T1547.008 - LSASS Driver

MITREへのリンク →

APT37

Score: 3.89

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

APT12

Score: 3.89

Matched TTPs:

T1547.002 - Authentication Package
T1218.010 - Regsvr32

MITREへのリンク →

Higaisa

Score: 4.33

Matched TTPs:

T1218.010 - Regsvr32
T1665 - Hide Infrastructure

MITREへのリンク →

Cobalt Group

Score: 4.24

Matched TTPs:

T1218.010 - Regsvr32
T1128 - Netsh Helper DLL

MITREへのリンク →

Tropic Trooper

Score: 9.74

Matched TTPs:

T1218.010 - Regsvr32
T1128 - Netsh Helper DLL
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

Velvet Ant

Score: 9.54

Matched TTPs:

T1128 - Netsh Helper DLL
T1490 - Inhibit System Recovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN6

Score: 5.27

Matched TTPs:

T1128 - Netsh Helper DLL
T1547.008 - LSASS Driver

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.84

Matched TTPs:

T1547.002 - Authentication Package
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery
T1562.013 - Disable or Modify Network Device Firewall
T1690 - Prevent Command History Logging
T1197 - BITS Jobs
T1566.002 - Spearphishing Link
T1102.003 - One-Way Communication
T1057 - Process Discovery
T1055.014 - VDSO Hijacking
T1552.003 - Shell History
T1608.005 - Link Target

MITREへのリンク →

Sandworm Team

Score: 0.57

Matched TTPs:

T1547.002 - Authentication Package
T1564.008 - Email Hiding Rules
T1187 - Forced Authentication
T1566.002 - Spearphishing Link
T1102.003 - One-Way Communication
T1218.010 - Regsvr32
T1193 - Spearphishing Attachment

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る