Trusted Design

US Banks Targeted with Trickbot Trojan - FlashPoint

概要

The Necurs botnet has begun delivering the Trickbot banking Trojan to financial institutions in the United States, a sign of increasingly larger and more complex attacks on the industry. Trickbot, which specifically threatens businesses in the financial sector, has been behind man-in-the-browser (MitB) attacks since 2016. Until now, its webinject configuration was only used to hit organizations outside the US. The latest iteration is fueled by the Necurs botnet and was developed to hit 50 additional banks including 13 companies based in the US. Necurs, one of the largest spamming botnets in the world.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Tale of the Two Payloads – TrickBot and Nitol (score: 0.81)
TrickBot Is Hand-Picking Private Banks (score: 0.70)
Android Trojan GM Bot is evolving and targeting more than 50 banks worldwide (score: 0.68)
Necurs Botnet Fuels Massive Spam Campaigns Spreading Jaff Ransomware (score: 0.66)
A couple of months with Trickbots (score: 0.66)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 4.13

Matched TTPs:

T1564.008 - Email Hiding Rules

MITREへのリンク →

Sandworm Team

Score: 21.15

Matched TTPs:

T1564.008 - Email Hiding Rules
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1049 - System Network Connections Discovery
T1122 - Component Object Model Hijacking
T1102.003 - One-Way Communication
T1573 - Encrypted Channel

MITREへのリンク →

Scattered Spider

Score: 9.11

Matched TTPs:

T1566.002 - Spearphishing Link
T1552.003 - Shell History
T1090.004 - Domain Fronting

MITREへのリンク →

Mustang Panda

Score: 14.27

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1569.001 - Launchctl
T1608.005 - Link Target
T1102.003 - One-Way Communication

MITREへのリンク →

ZIRCONIUM

Score: 4.47

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target

MITREへのリンク →

APT32

Score: 10.67

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1684 - Social Engineering
T1608.005 - Link Target
T1059.012 - Hypervisor CLI

MITREへのリンク →

Kimsuky

Score: 14.71

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1684 - Social Engineering
T1552.003 - Shell History
T1608.005 - Link Target
T1102.003 - One-Way Communication

MITREへのリンク →

Magic Hound

Score: 8.76

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

APT28

Score: 18.06

Matched TTPs:

T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1122 - Component Object Model Hijacking
T1059.012 - Hypervisor CLI
T1146 - Clear Command History
T1588.003 - Code Signing Certificates

MITREへのリンク →

Star Blizzard

Score: 7.72

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication

MITREへのリンク →

Moonstone Sleet

Score: 9.88

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1573 - Encrypted Channel
T1547.008 - LSASS Driver

MITREへのリンク →

CURIUM

Score: 10.37

Matched TTPs:

T1566.002 - Spearphishing Link
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

Dragonfly

Score: 7.15

Matched TTPs:

T1566.002 - Spearphishing Link
T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI

MITREへのリンク →

Patchwork

Score: 4.22

Matched TTPs:

T1566.002 - Spearphishing Link
T1059.012 - Hypervisor CLI

MITREへのリンク →

HAFNIUM

Score: 12.22

Matched TTPs:

T1027.008 - Stripped Payloads
T1049 - System Network Connections Discovery
T1608.005 - Link Target
T1122 - Component Object Model Hijacking

MITREへのリンク →

APT5

Score: 6.30

Matched TTPs:

T1027.008 - Stripped Payloads
T1684 - Social Engineering

MITREへのリンク →

Ke3chang

Score: 3.84

Matched TTPs:

T1027.008 - Stripped Payloads

MITREへのリンク →

TA2541

Score: 6.44

Matched TTPs:

T1091 - Replication Through Removable Media
T1684 - Social Engineering
T1608.005 - Link Target

MITREへのリンク →

Earth Lusca

Score: 9.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Mustard Tempest

Score: 3.74

Matched TTPs:

T1091 - Replication Through Removable Media
T1059.012 - Hypervisor CLI

MITREへのリンク →

OilRig

Score: 4.50

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.008 - LSASS Driver

MITREへのリンク →

LazyScripter

Score: 3.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target

MITREへのリンク →

Gamaredon Group

Score: 14.83

Matched TTPs:

T1091 - Replication Through Removable Media
T1684 - Social Engineering
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1061 - Graphical User Interface

MITREへのリンク →

Threat Group-3390

Score: 9.41

Matched TTPs:

T1091 - Replication Through Removable Media
T1122 - Component Object Model Hijacking
T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI

MITREへのリンク →

BlackByte

Score: 8.28

Matched TTPs:

T1091 - Replication Through Removable Media
T1684 - Social Engineering
T1562.010 - Downgrade Attack

MITREへのリンク →

Saint Bear

Score: 3.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1608.005 - Link Target

MITREへのリンク →

Contagious Interview

Score: 16.16

Matched TTPs:

T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1102.003 - One-Way Communication
T1547.008 - LSASS Driver

MITREへのリンク →

FIN7

Score: 11.45

Matched TTPs:

T1091 - Replication Through Removable Media
T1011.001 - Exfiltration Over Bluetooth
T1608.005 - Link Target
T1573 - Encrypted Channel

MITREへのリンク →

EXOTIC LILY

Score: 4.50

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.008 - LSASS Driver

MITREへのリンク →

APT38

Score: 4.22

Matched TTPs:

T1684 - Social Engineering
T1059.012 - Hypervisor CLI

MITREへのリンク →

Cobalt Group

Score: 5.39

Matched TTPs:

T1684 - Social Engineering
T1573 - Encrypted Channel

MITREへのリンク →

APT37

Score: 4.22

Matched TTPs:

T1684 - Social Engineering
T1059.012 - Hypervisor CLI

MITREへのリンク →

PLATINUM

Score: 4.22

Matched TTPs:

T1684 - Social Engineering
T1059.012 - Hypervisor CLI

MITREへのリンク →

APT41

Score: 5.39

Matched TTPs:

T1684 - Social Engineering
T1573 - Encrypted Channel

MITREへのリンク →

Turla

Score: 9.86

Matched TTPs:

T1684 - Social Engineering
T1608.005 - Link Target
T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Axiom

Score: 9.93

Matched TTPs:

T1049 - System Network Connections Discovery
T1059.012 - Hypervisor CLI
T1160 - Launch Daemon

MITREへのリンク →

Volt Typhoon

Score: 6.91

Matched TTPs:

T1049 - System Network Connections Discovery
T1102.003 - One-Way Communication

MITREへのリンク →

Storm-0501

Score: 6.66

Matched TTPs:

T1552.003 - Shell History
T1090.004 - Domain Fronting

MITREへのリンク →

Medusa Group

Score: 4.54

Matched TTPs:

T1552.003 - Shell History
T1608.005 - Link Target

MITREへのリンク →

APT29

Score: 7.28

Matched TTPs:

T1608.005 - Link Target
T1122 - Component Object Model Hijacking
T1547.008 - LSASS Driver

MITREへのリンク →

Lazarus Group

Score: 6.30

Matched TTPs:

T1608.005 - Link Target
T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

POLONIUM

Score: 4.76

Matched TTPs:

T1608.005 - Link Target
T1122 - Component Object Model Hijacking

MITREへのリンク →

GOLD SOUTHFIELD

Score: 5.67

Matched TTPs:

T1122 - Component Object Model Hijacking
T1573 - Encrypted Channel

MITREへのリンク →

Winter Vivern

Score: 5.39

Matched TTPs:

T1218.001 - Compiled HTML File
T1059.012 - Hypervisor CLI

MITREへのリンク →

Daggerfly

Score: 4.69

Matched TTPs:

T1573 - Encrypted Channel
T1059.012 - Hypervisor CLI

MITREへのリンク →

Windshift

Score: 4.29

Matched TTPs:

T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

Dark Caracal

Score: 4.29

Matched TTPs:

T1059.012 - Hypervisor CLI
T1547.008 - LSASS Driver

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.83

Matched TTPs:

T1102.003 - One-Way Communication
T1049 - System Network Connections Discovery
T1573 - Encrypted Channel
T1564.008 - Email Hiding Rules
T1122 - Component Object Model Hijacking
T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media

MITREへのリンク →

APT28

Score: 0.70

Matched TTPs:

T1146 - Clear Command History
T1059.012 - Hypervisor CLI
T1588.003 - Code Signing Certificates
T1122 - Component Object Model Hijacking
T1608.005 - Link Target
T1566.002 - Spearphishing Link

MITREへのリンク →

Contagious Interview

Score: 0.61

Matched TTPs:

T1102.003 - One-Way Communication
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1091 - Replication Through Removable Media
T1547.008 - LSASS Driver
T1552.003 - Shell History

MITREへのリンク →

Mustang Panda

Score: 0.59

Matched TTPs:

T1102.003 - One-Way Communication
T1569.001 - Launchctl
T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1091 - Replication Through Removable Media

MITREへのリンク →

Gamaredon Group

Score: 0.58

Matched TTPs:

T1061 - Graphical User Interface
T1684 - Social Engineering
T1562.010 - Downgrade Attack
T1608.005 - Link Target
T1091 - Replication Through Removable Media

MITREへのリンク →

Kimsuky

Score: 0.57

Matched TTPs:

T1102.003 - One-Way Communication
T1684 - Social Engineering
T1566.002 - Spearphishing Link
T1608.005 - Link Target
T1091 - Replication Through Removable Media
T1552.003 - Shell History

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る