Trusted Design

Malicious E-mail Phishing

概要

The indicators described in this pulse are sending Phishing e-mails to O365 users requesting they click on the link within the e-mail to release e-mails from the O365 quarantine. Upon clicking on the link the user is prompted to enter his or her e-mail credentials into an unsecured page hosted by the indicators. Please blacklist Domain and IPs they are targeting financial groups.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Fake O365 message Important Upgrade Is Required Phishing &#8211; My Online Security (score: 0.73)
"Notice" - Phishing Email (score: 0.72)
Phishing campaign from ambercapitalllc.com (score: 0.68)
Mr.Xpl0it (score: 0.67)
Office 365 Phishing attacks create a sustained insider nightmare for IT | CSO Online (score: 0.66)

このPulseに関連する脅威アクター (事実ベース)

MuddyWater

Score: 5.20

Matched TTPs:

T1543.003 - Windows Service
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

LuminousMoth

Score: 5.47

Matched TTPs:

T1543.003 - Windows Service
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode

MITREへのリンク →

Confucius

Score: 5.64

Matched TTPs:

T1543.003 - Windows Service
T1027.018 - Invisible Unicode
T1665 - Hide Infrastructure

MITREへのリンク →

Kimsuky

Score: 25.70

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall
T1547.002 - Authentication Package
T1197 - BITS Jobs
T1027.018 - Invisible Unicode
T1665 - Hide Infrastructure
T1053.002 - At
T1490 - Inhibit System Recovery

MITREへのリンク →

Sidewinder

Score: 5.27

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN7

Score: 10.54

Matched TTPs:

T1543.003 - Windows Service
T1547.002 - Authentication Package
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustard Tempest

Score: 6.09

Matched TTPs:

T1543.003 - Windows Service
T1027.018 - Invisible Unicode
T1053.002 - At

MITREへのリンク →

Sandworm Team

Score: 7.66

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

Transparent Tribe

Score: 8.76

Matched TTPs:

T1543.003 - Windows Service
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode
T1053.002 - At

MITREへのリンク →

Mustang Panda

Score: 7.93

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode

MITREへのリンク →

APT32

Score: 10.60

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

APT1

Score: 4.73

Matched TTPs:

T1543.003 - Windows Service
T1053.002 - At

MITREへのリンク →

Lazarus Group

Score: 11.87

Matched TTPs:

T1543.003 - Windows Service
T1547.002 - Authentication Package
T1105 - Ingress Tool Transfer
T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

APT33

Score: 6.94

Matched TTPs:

T1543.003 - Windows Service
T1567.001 - Exfiltration to Code Repository
T1027.018 - Invisible Unicode

MITREへのリンク →

ZIRCONIUM

Score: 11.10

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1197 - BITS Jobs
T1027.018 - Invisible Unicode

MITREへのリンク →

EXOTIC LILY

Score: 5.33

Matched TTPs:

T1543.003 - Windows Service
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

Magic Hound

Score: 13.47

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver
T1053.002 - At

MITREへのリンク →

OilRig

Score: 16.64

Matched TTPs:

T1543.003 - Windows Service
T1212 - Exploitation for Credential Access
T1592.002 - Software
T1556.009 - Conditional Access Policies
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

Windshift

Score: 5.33

Matched TTPs:

T1543.003 - Windows Service
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

APT29

Score: 12.53

Matched TTPs:

T1543.003 - Windows Service
T1218.009 - Regsvcs/Regasm
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver
T1490 - Inhibit System Recovery

MITREへのリンク →

FIN4

Score: 6.94

Matched TTPs:

T1543.003 - Windows Service
T1574.010 - Services File Permissions Weakness
T1027.018 - Invisible Unicode

MITREへのリンク →

RedCurl

Score: 9.61

Matched TTPs:

T1543.003 - Windows Service
T1574.010 - Services File Permissions Weakness
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode

MITREへのリンク →

Storm-1811

Score: 8.51

Matched TTPs:

T1543.003 - Windows Service
T1567.003 - Exfiltration to Text Storage Sites
T1547.008 - LSASS Driver

MITREへのリンク →

Turla

Score: 14.64

Matched TTPs:

T1543.003 - Windows Service
T1212 - Exploitation for Credential Access
T1547.002 - Authentication Package
T1556.009 - Conditional Access Policies
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

Wizard Spider

Score: 10.56

Matched TTPs:

T1543.003 - Windows Service
T1567.001 - Exfiltration to Code Repository
T1556.009 - Conditional Access Policies
T1027.018 - Invisible Unicode

MITREへのリンク →

Patchwork

Score: 8.10

Matched TTPs:

T1543.003 - Windows Service
T1566.002 - Spearphishing Link
T1027.018 - Invisible Unicode
T1665 - Hide Infrastructure

MITREへのリンク →

APT39

Score: 5.20

Matched TTPs:

T1543.003 - Windows Service
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

Scattered Spider

Score: 12.55

Matched TTPs:

T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1197 - BITS Jobs
T1557.002 - ARP Cache Poisoning

MITREへのリンク →

APT28

Score: 16.45

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1197 - BITS Jobs
T1105 - Ingress Tool Transfer
T1027.018 - Invisible Unicode
T1055.008 - Ptrace System Calls

MITREへのリンク →

Moonstone Sleet

Score: 8.42

Matched TTPs:

T1566.002 - Spearphishing Link
T1197 - BITS Jobs
T1547.008 - LSASS Driver

MITREへのリンク →

CURIUM

Score: 4.98

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.008 - LSASS Driver

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1021.006 - Windows Remote Management

MITREへのリンク →

Contagious Interview

Score: 10.54

Matched TTPs:

T1021.006 - Windows Remote Management
T1552.003 - Shell History
T1027.018 - Invisible Unicode
T1547.008 - LSASS Driver

MITREへのリンク →

INC Ransom

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

FIN13

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1105 - Ingress Tool Transfer

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Medusa Group

Score: 7.06

Matched TTPs:

T1552.003 - Shell History
T1094 - Custom Command and Control Protocol

MITREへのリンク →

Play

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1490 - Inhibit System Recovery

MITREへのリンク →

Tonto Team

Score: 3.15

Matched TTPs:

T1212 - Exploitation for Credential Access

MITREへのリンク →

HEXANE

Score: 5.55

Matched TTPs:

T1212 - Exploitation for Credential Access
T1547.002 - Authentication Package

MITREへのリンク →

admin@338

Score: 3.15

Matched TTPs:

T1212 - Exploitation for Credential Access

MITREへのリンク →

Chimera

Score: 5.98

Matched TTPs:

T1212 - Exploitation for Credential Access
T1665 - Hide Infrastructure

MITREへのリンク →

Volt Typhoon

Score: 5.98

Matched TTPs:

T1212 - Exploitation for Credential Access
T1665 - Hide Infrastructure

MITREへのリンク →

Sea Turtle

Score: 5.95

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall
T1490 - Inhibit System Recovery

MITREへのリンク →

Axiom

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Gamaredon Group

Score: 3.76

Matched TTPs:

T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

LAPSUS$

Score: 4.13

Matched TTPs:

T1557.002 - ARP Cache Poisoning

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Tropic Trooper

Score: 8.17

Matched TTPs:

T1105 - Ingress Tool Transfer
T1665 - Hide Infrastructure
T1490 - Inhibit System Recovery

MITREへのリンク →

HAFNIUM

Score: 9.46

Matched TTPs:

T1105 - Ingress Tool Transfer
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

ToddyCat

Score: 5.36

Matched TTPs:

T1665 - Hide Infrastructure
T1547.008 - LSASS Driver

MITREへのリンク →

PLATINUM

Score: 4.54

Matched TTPs:

T1686 - Disable or Modify System Firewall

MITREへのリンク →

SideCopy

Score: 3.29

Matched TTPs:

T1053.002 - At

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.76

Matched TTPs:

T1053.002 - At
T1543.003 - Windows Service
T1197 - BITS Jobs
T1665 - Hide Infrastructure
T1566.002 - Spearphishing Link
T1027.018 - Invisible Unicode
T1547.002 - Authentication Package
T1552.003 - Shell History
T1490 - Inhibit System Recovery
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

APT28

Score: 0.55

Matched TTPs:

T1197 - BITS Jobs
T1027.018 - Invisible Unicode
T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1055.008 - Ptrace System Calls
T1105 - Ingress Tool Transfer

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る