Trusted Design

Meet Ovidiy Stealer: Bringing credential theft to the masses

概要

Proofpoint threat researchers recently analyzed Ovidiy Stealer, a previously undocumented credential stealer which appears to be marketed primarily in the Russian-speaking regions. It is under constant development, with several updated versions appearing since the original samples were observed in June 2017. The growing number of samples demonstrate that criminals are actively adopting this malware. Ovidiy Stealer is priced at 450-750 Rubles (~$7-13 USD) for one build, a price that includes a precompiled executable that is also "crypted" to thwart analysis and detection.

Created: 2026-02-23

Indicators

類似Pulses

Unskal, Saluchtra, Dexter and IeEnablerCby (score: 0.64)
CryptXXX: New Ransomware From the Actors Behind Reveton (score: 0.63)
August in December: New Information Stealer Hits the Scene (score: 0.60)
Stegoloader: A Stealthy Information Stealer (score: 0.60)
Locky Ransomware Cybercriminals introduce New RockLoader Malware (score: 0.58)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 13.03

Matched TTPs:

T1597.002 - Purchase Technical Data
T1005 - Data from Local System
T1136.002 - Domain Account
T1003.003 - NTDS

MITREへのリンク →

APT39

Score: 5.49

Matched TTPs:

T1597.002 - Purchase Technical Data
T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Mustang Panda

Score: 19.70

Matched TTPs:

T1597.002 - Purchase Technical Data
T1606.002 - SAML Tokens
T1169 - Sudo
T1199 - Trusted Relationship
T1526 - Cloud Service Discovery
T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation

MITREへのリンク →

APT32

Score: 6.19

Matched TTPs:

T1597.002 - Purchase Technical Data
T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

APT28

Score: 12.37

Matched TTPs:

T1597.002 - Purchase Technical Data
T1199 - Trusted Relationship
T1592.003 - Firmware
T1200 - Hardware Additions
T1548.006 - TCC Manipulation

MITREへのリンク →

Storm-0501

Score: 9.91

Matched TTPs:

T1597.002 - Purchase Technical Data
T1552.003 - Shell History
T1027.014 - Polymorphic Code
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Leviathan

Score: 8.78

Matched TTPs:

T1597.002 - Purchase Technical Data
T1027.014 - Polymorphic Code
T1592.003 - Firmware

MITREへのリンク →

Kimsuky

Score: 21.40

Matched TTPs:

T1606.002 - SAML Tokens
T1552.003 - Shell History
T1199 - Trusted Relationship
T1027.014 - Polymorphic Code
T1537 - Transfer Data to Cloud Account
T1526 - Cloud Service Discovery
T1126 - Network Share Connection Removal
T1003.003 - NTDS

MITREへのリンク →

FIN13

Score: 7.81

Matched TTPs:

T1606.002 - SAML Tokens
T1552.003 - Shell History
T1199 - Trusted Relationship
T1548.006 - TCC Manipulation

MITREへのリンク →

Moonstone Sleet

Score: 5.94

Matched TTPs:

T1606.002 - SAML Tokens
T1126 - Network Share Connection Removal

MITREへのリンク →

Lazarus Group

Score: 7.08

Matched TTPs:

T1606.002 - SAML Tokens
T1199 - Trusted Relationship
T1055.005 - Thread Local Storage

MITREへのリンク →

Contagious Interview

Score: 9.31

Matched TTPs:

T1606.002 - SAML Tokens
T1552.003 - Shell History
T1199 - Trusted Relationship
T1126 - Network Share Connection Removal

MITREへのリンク →

OilRig

Score: 13.56

Matched TTPs:

T1606.002 - SAML Tokens
T1005 - Data from Local System
T1199 - Trusted Relationship
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery

MITREへのリンク →

UNC3886

Score: 4.55

Matched TTPs:

T1606.002 - SAML Tokens
T1136.002 - Domain Account

MITREへのリンク →

LuminousMoth

Score: 5.40

Matched TTPs:

T1606.002 - SAML Tokens
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Sandworm Team

Score: 9.13

Matched TTPs:

T1606.002 - SAML Tokens
T1005 - Data from Local System
T1199 - Trusted Relationship
T1548.006 - TCC Manipulation

MITREへのリンク →

APT29

Score: 5.00

Matched TTPs:

T1606.002 - SAML Tokens
T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Play

Score: 5.47

Matched TTPs:

T1606.002 - SAML Tokens
T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

Aoqin Dragon

Score: 5.00

Matched TTPs:

T1606.002 - SAML Tokens
T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

RedCurl

Score: 6.23

Matched TTPs:

T1606.002 - SAML Tokens
T1574.010 - Services File Permissions Weakness

MITREへのリンク →

Turla

Score: 9.02

Matched TTPs:

T1606.002 - SAML Tokens
T1136.002 - Domain Account
T1199 - Trusted Relationship
T1556.009 - Conditional Access Policies

MITREへのリンク →

Ke3chang

Score: 5.29

Matched TTPs:

T1606.002 - SAML Tokens
T1199 - Trusted Relationship
T1548.006 - TCC Manipulation

MITREへのリンク →

TeamTNT

Score: 4.15

Matched TTPs:

T1606.002 - SAML Tokens
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

FIN7

Score: 7.48

Matched TTPs:

T1606.002 - SAML Tokens
T1011.001 - Exfiltration Over Bluetooth
T1199 - Trusted Relationship

MITREへのリンク →

TA2541

Score: 5.36

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

LAPSUS$

Score: 9.09

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship
T1592.003 - Firmware
T1548.006 - TCC Manipulation

MITREへのリンク →

Metador

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

APT1

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Aquatic Panda

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

TA505

Score: 5.36

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Earth Lusca

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

BackdoorDiplomacy

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Scattered Spider

Score: 8.17

Matched TTPs:

T1136.002 - Domain Account
T1552.003 - Shell History
T1199 - Trusted Relationship
T1548.006 - TCC Manipulation

MITREへのリンク →

INC Ransom

Score: 3.37

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

Cinnamon Tempest

Score: 3.37

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship

MITREへのリンク →

Medusa Group

Score: 12.30

Matched TTPs:

T1552.003 - Shell History
T1199 - Trusted Relationship
T1598 - Phishing for Information
T1537 - Transfer Data to Cloud Account
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1574.010 - Services File Permissions Weakness

MITREへのリンク →

Inception

Score: 6.75

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code
T1200 - Hardware Additions

MITREへのリンク →

Magic Hound

Score: 4.29

Matched TTPs:

T1199 - Trusted Relationship
T1592.003 - Firmware

MITREへのリンク →

BlackTech

Score: 4.00

Matched TTPs:

T1199 - Trusted Relationship
T1526 - Cloud Service Discovery

MITREへのリンク →

Wizard Spider

Score: 9.96

Matched TTPs:

T1199 - Trusted Relationship
T1556.009 - Conditional Access Policies
T1526 - Cloud Service Discovery
T1548.006 - TCC Manipulation

MITREへのリンク →

menuPass

Score: 3.19

Matched TTPs:

T1199 - Trusted Relationship
T1548.006 - TCC Manipulation

MITREへのリンク →

APT41

Score: 5.24

Matched TTPs:

T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account
T1548.006 - TCC Manipulation

MITREへのリンク →

FIN8

Score: 4.00

Matched TTPs:

T1199 - Trusted Relationship
T1526 - Cloud Service Discovery

MITREへのリンク →

FIN6

Score: 3.19

Matched TTPs:

T1199 - Trusted Relationship
T1548.006 - TCC Manipulation

MITREへのリンク →

WIRTE

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

Cobalt Group

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

Threat Group-3390

Score: 6.05

Matched TTPs:

T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account
T1526 - Cloud Service Discovery

MITREへのリンク →

Dragonfly

Score: 6.34

Matched TTPs:

T1199 - Trusted Relationship
T1200 - Hardware Additions
T1548.006 - TCC Manipulation

MITREへのリンク →

Gamaredon Group

Score: 4.00

Matched TTPs:

T1199 - Trusted Relationship
T1200 - Hardware Additions

MITREへのリンク →

Chimera

Score: 6.63

Matched TTPs:

T1199 - Trusted Relationship
T1592.003 - Firmware
T1548.006 - TCC Manipulation

MITREへのリンク →

Volt Typhoon

Score: 5.24

Matched TTPs:

T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account
T1548.006 - TCC Manipulation

MITREへのリンク →

APT19

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

Blue Mockingbird

Score: 3.60

Matched TTPs:

T1199 - Trusted Relationship
T1027.014 - Polymorphic Code

MITREへのリンク →

DarkHydrus

Score: 4.00

Matched TTPs:

T1199 - Trusted Relationship
T1200 - Hardware Additions

MITREへのリンク →

Stealth Falcon

Score: 3.62

Matched TTPs:

T1556.009 - Conditional Access Policies

MITREへのリンク →

Confucius

Score: 3.15

Matched TTPs:

T1200 - Hardware Additions

MITREへのリンク →

Tropic Trooper

Score: 3.15

Matched TTPs:

T1200 - Hardware Additions

MITREへのリンク →

Mustard Tempest

Score: 4.54

Matched TTPs:

T1543.002 - Systemd Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.78

Matched TTPs:

T1003.003 - NTDS
T1552.003 - Shell History
T1526 - Cloud Service Discovery
T1606.002 - SAML Tokens
T1199 - Trusted Relationship
T1537 - Transfer Data to Cloud Account
T1027.014 - Polymorphic Code
T1126 - Network Share Connection Removal

MITREへのリンク →

Mustang Panda

Score: 0.75

Matched TTPs:

T1169 - Sudo
T1526 - Cloud Service Discovery
T1606.002 - SAML Tokens
T1597.002 - Purchase Technical Data
T1199 - Trusted Relationship
T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る