Reckless Exploit: Mexican Journalists, Lawyers, and a Child Targeted with NSO Spyware - The Citizen Lab
概要
Over 76 messages with links to NSO Group’s exploit framework were sent to Mexican journalists, lawyers, and a minor child (NSO Group is a self-described “cyber warfare” company that sells government-exclusive spyware).
The targets were working on a range of issues that include investigations of corruption by the Mexican President, and the participation of Mexico’s Federal authorities in human rights abuses.
Some of the messages impersonated the Embassy of the United States of America to Mexico, others masqueraded as emergency AMBER Alerts about abducted children.
At least one target, the minor child of a target, was sent infection attempts, including a communication impersonating the United States Government, while physically located in the United States.
Created: 2026-02-23
Indicators
Indicatorsは見つかっていない。
類似Pulses
このPulseに関連する脅威アクター (事実ベース)
Score: 8.38
Matched TTPs:
- T1216.001 - PubPrn
- T1193 - Spearphishing Attachment
MITREへのリンク →
Score: 5.64
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1665 - Hide Infrastructure
MITREへのリンク →
Score: 26.45
Matched TTPs:
- T1543.003 - Windows Service
- T1057 - Process Discovery
- T1690 - Prevent Command History Logging
- T1197 - BITS Jobs
- T1656 - Impersonation
- T1027.018 - Invisible Unicode
- T1665 - Hide Infrastructure
- T1003.003 - NTDS
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 12.20
Matched TTPs:
- T1543.003 - Windows Service
- T1057 - Process Discovery
- T1027.018 - Invisible Unicode
- T1055.015 - ListPlanting
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 6.65
Matched TTPs:
- T1543.003 - Windows Service
- T1193 - Spearphishing Attachment
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 10.78
Matched TTPs:
- T1543.003 - Windows Service
- T1567.002 - Exfiltration to Cloud Storage
- T1055.005 - Thread Local Storage
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 5.47
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 21.51
Matched TTPs:
- T1543.003 - Windows Service
- T1057 - Process Discovery
- T1567.002 - Exfiltration to Cloud Storage
- T1055.005 - Thread Local Storage
- T1055.015 - ListPlanting
- T1665 - Hide Infrastructure
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 6.94
Matched TTPs:
- T1543.003 - Windows Service
- T1567.001 - Exfiltration to Code Repository
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 6.25
Matched TTPs:
- T1543.003 - Windows Service
- T1197 - BITS Jobs
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 9.17
Matched TTPs:
- T1543.003 - Windows Service
- T1690 - Prevent Command History Logging
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 9.87
Matched TTPs:
- T1543.003 - Windows Service
- T1098.002 - Additional Email Delegate Permissions
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 8.77
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1055.015 - ListPlanting
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 5.33
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 8.00
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 3.97
Matched TTPs:
- T1543.003 - Windows Service
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 5.47
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 6.94
Matched TTPs:
- T1543.003 - Windows Service
- T1567.001 - Exfiltration to Code Repository
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 5.64
Matched TTPs:
- T1543.003 - Windows Service
- T1027.018 - Invisible Unicode
- T1665 - Hide Infrastructure
MITREへのリンク →
Score: 6.72
Matched TTPs:
- T1491 - Defacement
- T1656 - Impersonation
MITREへのリンク →
Score: 13.54
Matched TTPs:
- T1491 - Defacement
- T1057 - Process Discovery
- T1584.002 - DNS Server
- T1665 - Hide Infrastructure
MITREへのリンク →
Score: 4.65
Matched TTPs:
- T1491 - Defacement
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 6.72
Matched TTPs:
- T1491 - Defacement
- T1197 - BITS Jobs
MITREへのリンク →
Score: 12.53
Matched TTPs:
- T1491 - Defacement
- T1057 - Process Discovery
- T1197 - BITS Jobs
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 6.12
Matched TTPs:
- T1491 - Defacement
- T1665 - Hide Infrastructure
MITREへのリンク →
Score: 7.57
Matched TTPs:
- T1021.006 - Windows Remote Management
- T1055.015 - ListPlanting
MITREへのリンク →
Score: 15.30
Matched TTPs:
- T1021.006 - Windows Remote Management
- T1690 - Prevent Command History Logging
- T1656 - Impersonation
- T1027.018 - Invisible Unicode
- T1547.008 - LSASS Driver
MITREへのリンク →
Score: 3.84
Matched TTPs:
- T1193 - Spearphishing Attachment
MITREへのリンク →
Score: 8.08
Matched TTPs:
- T1057 - Process Discovery
- T1197 - BITS Jobs
- T1027.018 - Invisible Unicode
MITREへのリンク →
Score: 6.68
Matched TTPs:
- T1567.002 - Exfiltration to Cloud Storage
- T1665 - Hide Infrastructure
MITREへのリンク →
Score: 7.57
Matched TTPs:
- T1656 - Impersonation
- T1003.003 - NTDS
MITREへのリンク →
Score: 5.50
Matched TTPs:
- T1665 - Hide Infrastructure
- T1490 - Inhibit System Recovery
MITREへのリンク →
Score: 5.36
Matched TTPs:
- T1665 - Hide Infrastructure
- T1547.008 - LSASS Driver
MITREへのリンク →
このPulseに関連する脅威アクター (推論ベース)
Score: 0.82
Matched TTPs:
- T1665 - Hide Infrastructure
- T1690 - Prevent Command History Logging
- T1490 - Inhibit System Recovery
- T1003.003 - NTDS
- T1057 - Process Discovery
- T1197 - BITS Jobs
- T1027.018 - Invisible Unicode
- T1656 - Impersonation
- T1543.003 - Windows Service
MITREへのリンク →
Score: 0.70
Matched TTPs:
- T1567.002 - Exfiltration to Cloud Storage
- T1665 - Hide Infrastructure
- T1547.008 - LSASS Driver
- T1057 - Process Discovery
- T1543.003 - Windows Service
- T1055.005 - Thread Local Storage
- T1055.015 - ListPlanting
MITREへのリンク →
Related CVEs
このPulseに見つかったCVEはありません。
Pulse – 脅威アクター グラフ
← Pulse一覧に戻る
Trusted Design