Trusted Design

Two Years of Pawn Storm

概要

By Feike Hacquebord at Trend Micro. Pawn Storm is an active cyber espionage actor group that has been very aggressive and ambitious in recent years. The group’s activities show that foreign and domestic espionage and influence on geopolitics are the group’s main motives, and not financial gain. Its main targets are armed forces, the defense industry, news media, politicians, and dissidents. We can trace activities of Pawn Storm back to 20041 , and before our initial report in 20142 there wasn’t much published about this actor group. However, since then we have released more than a dozen detailed posts on Pawn Storm. This new report is an updated dissection of the group’s attacks and methodologies—something to help organizations gain a more comprehensive and current view of these processes and what can be done to defend against them.

Created: 2026-02-23

Indicators

類似Pulses

The Spy Kittens Are Back: Rocket Kitten 2 (score: 0.60)
Operation Armageddon (score: 0.59)
Operation Iron Tiger (score: 0.57)
PROJECT CAMERASHY: CLOSING THE APERTURE ON CHINA’S UNIT 78020 (score: 0.57)
Operation Kingphish: Uncovering a Campaign of Cyber Attacks against Civil Society in Qatar and Nepal (score: 0.56)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 4.13

Matched TTPs:

T1491.002 - External Defacement

MITREへのリンク →

Sandworm Team

Score: 11.56

Matched TTPs:

T1491.002 - External Defacement
T1199 - Trusted Relationship
T1585.001 - Social Media Accounts
T1003.003 - NTDS

MITREへのリンク →

Fox Kitten

Score: 7.97

Matched TTPs:

T1217 - Browser Information Discovery
T1585.001 - Social Media Accounts
T1003.003 - NTDS

MITREへのリンク →

Volt Typhoon

Score: 7.14

Matched TTPs:

T1217 - Browser Information Discovery
T1057 - Process Discovery
T1003.003 - NTDS

MITREへのリンク →

APT38

Score: 4.80

Matched TTPs:

T1217 - Browser Information Discovery
T1057 - Process Discovery

MITREへのリンク →

Scattered Spider

Score: 15.03

Matched TTPs:

T1217 - Browser Information Discovery
T1657 - Financial Theft
T1585.001 - Social Media Accounts
T1538 - Cloud Service Dashboard
T1003.003 - NTDS

MITREへのリンク →

Moonstone Sleet

Score: 8.15

Matched TTPs:

T1217 - Browser Information Discovery
T1585.001 - Social Media Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Chimera

Score: 7.14

Matched TTPs:

T1217 - Browser Information Discovery
T1057 - Process Discovery
T1003.003 - NTDS

MITREへのリンク →

Contagious Interview

Score: 7.39

Matched TTPs:

T1657 - Financial Theft
T1585.001 - Social Media Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Kimsuky

Score: 9.53

Matched TTPs:

T1657 - Financial Theft
T1057 - Process Discovery
T1585.001 - Social Media Accounts
T1055.012 - Process Hollowing

MITREへのリンク →

FIN13

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1003.003 - NTDS

MITREへのリンク →

Storm-0501

Score: 4.04

Matched TTPs:

T1657 - Financial Theft
T1057 - Process Discovery

MITREへのリンク →

Medusa Group

Score: 8.72

Matched TTPs:

T1657 - Financial Theft
T1057 - Process Discovery
T1585.001 - Social Media Accounts
T1003.003 - NTDS

MITREへのリンク →

Water Galura

Score: 4.86

Matched TTPs:

T1657 - Financial Theft
T1585.001 - Social Media Accounts

MITREへのリンク →

Play

Score: 4.04

Matched TTPs:

T1657 - Financial Theft
T1057 - Process Discovery

MITREへのリンク →

APT33

Score: 4.13

Matched TTPs:

T1552.006 - Group Policy Preferences

MITREへのリンク →

Wizard Spider

Score: 6.47

Matched TTPs:

T1552.006 - Group Policy Preferences
T1003.003 - NTDS

MITREへのリンク →

Windshift

Score: 4.04

Matched TTPs:

T1057 - Process Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

HAFNIUM

Score: 6.60

Matched TTPs:

T1057 - Process Discovery
T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

Darkhotel

Score: 5.65

Matched TTPs:

T1057 - Process Discovery
T1497.002 - User Activity Based Checks

MITREへのリンク →

APT28

Score: 11.14

Matched TTPs:

T1057 - Process Discovery
T1199 - Trusted Relationship
T1498 - Network Denial of Service
T1003.003 - NTDS

MITREへのリンク →

Lazarus Group

Score: 6.38

Matched TTPs:

T1057 - Process Discovery
T1585.001 - Social Media Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Mustang Panda

Score: 3.86

Matched TTPs:

T1057 - Process Discovery
T1003.003 - NTDS

MITREへのリンク →

ToddyCat

Score: 4.04

Matched TTPs:

T1057 - Process Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN7

Score: 5.65

Matched TTPs:

T1057 - Process Discovery
T1497.002 - User Activity Based Checks

MITREへのリンク →

Magic Hound

Score: 6.38

Matched TTPs:

T1057 - Process Discovery
T1585.001 - Social Media Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Ke3chang

Score: 3.86

Matched TTPs:

T1057 - Process Discovery
T1003.003 - NTDS

MITREへのリンク →

HEXANE

Score: 3.86

Matched TTPs:

T1057 - Process Discovery
T1585.001 - Social Media Accounts

MITREへのリンク →

OilRig

Score: 4.04

Matched TTPs:

T1057 - Process Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Gamaredon Group

Score: 6.06

Matched TTPs:

T1057 - Process Discovery
T1001 - Data Obfuscation

MITREへのリンク →

Threat Group-3390

Score: 5.90

Matched TTPs:

T1199 - Trusted Relationship
T1055.012 - Process Hollowing

MITREへのリンク →

menuPass

Score: 8.24

Matched TTPs:

T1199 - Trusted Relationship
T1055.012 - Process Hollowing
T1003.003 - NTDS

MITREへのリンク →

APT29

Score: 9.81

Matched TTPs:

T1199 - Trusted Relationship
T1562.008 - Disable or Modify Cloud Logs
T1566.003 - Spearphishing via Service

MITREへのリンク →

LAPSUS$

Score: 5.09

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS

MITREへのリンク →

EXOTIC LILY

Score: 4.86

Matched TTPs:

T1585.001 - Social Media Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

CURIUM

Score: 4.86

Matched TTPs:

T1585.001 - Social Media Accounts
T1566.003 - Spearphishing via Service

MITREへのリンク →

Gorgon Group

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

Patchwork

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

BlackByte

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

TA2541

Score: 3.15

Matched TTPs:

T1055.012 - Process Hollowing

MITREへのリンク →

FIN6

Score: 4.86

Matched TTPs:

T1003.003 - NTDS
T1566.003 - Spearphishing via Service

MITREへのリンク →

Blue Mockingbird

Score: 4.54

Matched TTPs:

T1574.012 - COR_PROFILER

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Scattered Spider

Score: 0.81

Matched TTPs:

T1585.001 - Social Media Accounts
T1657 - Financial Theft
T1538 - Cloud Service Dashboard
T1003.003 - NTDS
T1217 - Browser Information Discovery

MITREへのリンク →

Sandworm Team

Score: 0.67

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS
T1585.001 - Social Media Accounts
T1491.002 - External Defacement

MITREへのリンク →

APT28

Score: 0.64

Matched TTPs:

T1199 - Trusted Relationship
T1003.003 - NTDS
T1498 - Network Denial of Service
T1057 - Process Discovery

MITREへのリンク →

APT29

Score: 0.62

Matched TTPs:

T1199 - Trusted Relationship
T1566.003 - Spearphishing via Service
T1562.008 - Disable or Modify Cloud Logs

MITREへのリンク →

Kimsuky

Score: 0.60

Matched TTPs:

T1657 - Financial Theft
T1585.001 - Social Media Accounts
T1055.012 - Process Hollowing
T1057 - Process Discovery

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る