Trusted Design

Botnet bruteforcing Point Of Sale terminals via Remote Desktop (2014)

概要

Every single day our automated systems analyze hundreds of thousands of malicious samples. Yesterday one of the samples caught my attention because the malware started performing bruteforce attacks against Remote Desktop using certain username and passwords.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Bucbi Ransomware Is Back With a Ukrainian Makeover (score: 0.60)
Blurring of Commodity and Targeted Attack Malware (score: 0.58)
THE XDEDIC MARKETPLACE (score: 0.58)
New traces of Hacking Team in the wild (score: 0.57)
New traces of Hacking Team in the wild (score: 0.57)

このPulseに関連する脅威アクター (事実ベース)

TeamTNT

Score: 4.53

Matched TTPs:

T1133 - External Remote Services
T1219 - Remote Access Tools

MITREへのリンク →

FIN13

Score: 9.12

Matched TTPs:

T1133 - External Remote Services
T1021.006 - Windows Remote Management
T1036.004 - Masquerade Task or Service
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Ember Bear

Score: 11.05

Matched TTPs:

T1133 - External Remote Services
T1021 - Remote Services
T1210 - Exploitation of Remote Services
T1110 - Brute Force

MITREへのリンク →

Sandworm Team

Score: 8.15

Matched TTPs:

T1133 - External Remote Services
T1219 - Remote Access Tools
T1584.005 - Botnet

MITREへのリンク →

Volt Typhoon

Score: 11.34

Matched TTPs:

T1133 - External Remote Services
T1070.007 - Clear Network Connection History and Configurations
T1584.005 - Botnet
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Scattered Spider

Score: 11.05

Matched TTPs:

T1133 - External Remote Services
T1219.002 - Remote Desktop Software
T1538 - Cloud Service Dashboard
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT41

Score: 8.20

Matched TTPs:

T1133 - External Remote Services
T1036.004 - Masquerade Task or Service
T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

OilRig

Score: 8.70

Matched TTPs:

T1133 - External Remote Services
T1219 - Remote Access Tools
T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Ke3chang

Score: 5.22

Matched TTPs:

T1133 - External Remote Services
T1020 - Automated Exfiltration

MITREへのリンク →

Wizard Spider

Score: 15.71

Matched TTPs:

T1133 - External Remote Services
T1021 - Remote Services
T1021.006 - Windows Remote Management
T1036.004 - Masquerade Task or Service
T1210 - Exploitation of Remote Services
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT29

Score: 5.78

Matched TTPs:

T1133 - External Remote Services
T1550.003 - Pass the Ticket

MITREへのリンク →

Kimsuky

Score: 8.61

Matched TTPs:

T1133 - External Remote Services
T1036.004 - Masquerade Task or Service
T1219.002 - Remote Desktop Software
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

FIN5

Score: 4.46

Matched TTPs:

T1133 - External Remote Services
T1110 - Brute Force

MITREへのリンク →

Threat Group-3390

Score: 8.12

Matched TTPs:

T1133 - External Remote Services
T1021.006 - Windows Remote Management
T1210 - Exploitation of Remote Services

MITREへのリンク →

GOLD SOUTHFIELD

Score: 4.53

Matched TTPs:

T1133 - External Remote Services
T1219 - Remote Access Tools

MITREへのリンク →

Chimera

Score: 10.06

Matched TTPs:

T1133 - External Remote Services
T1021.006 - Windows Remote Management
T1039 - Data from Network Shared Drive
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Dragonfly

Score: 8.85

Matched TTPs:

T1133 - External Remote Services
T1210 - Exploitation of Remote Services
T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Akira

Score: 6.17

Matched TTPs:

T1133 - External Remote Services
T1219 - Remote Access Tools
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT28

Score: 18.91

Matched TTPs:

T1133 - External Remote Services
T1210 - Exploitation of Remote Services
T1110 - Brute Force
T1039 - Data from Network Shared Drive
T1498 - Network Denial of Service
T1550.001 - Application Access Token

MITREへのリンク →

Leviathan

Score: 3.58

Matched TTPs:

T1133 - External Remote Services
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

UNC3886

Score: 6.23

Matched TTPs:

T1070.007 - Clear Network Connection History and Configurations
T1036.004 - Masquerade Task or Service

MITREへのリンク →

FIN7

Score: 13.62

Matched TTPs:

T1219 - Remote Access Tools
T1674 - Input Injection
T1036.004 - Masquerade Task or Service
T1210 - Exploitation of Remote Services
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

INC Ransom

Score: 4.24

Matched TTPs:

T1219 - Remote Access Tools
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Medusa Group

Score: 12.40

Matched TTPs:

T1219 - Remote Access Tools
T1021.001 - Remote Desktop Protocol
T1529 - System Shutdown/Reboot
T1218.014 - MMC

MITREへのリンク →

DarkVishnya

Score: 5.12

Matched TTPs:

T1219 - Remote Access Tools
T1110 - Brute Force

MITREへのリンク →

Carbanak

Score: 4.69

Matched TTPs:

T1219 - Remote Access Tools
T1036.004 - Masquerade Task or Service

MITREへのリンク →

MuddyWater

Score: 5.34

Matched TTPs:

T1219 - Remote Access Tools
T1210 - Exploitation of Remote Services

MITREへのリンク →

BlackByte

Score: 4.24

Matched TTPs:

T1219 - Remote Access Tools
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Cobalt Group

Score: 4.24

Matched TTPs:

T1219 - Remote Access Tools
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Higaisa

Score: 6.63

Matched TTPs:

T1029 - Scheduled Transfer
T1036.004 - Masquerade Task or Service

MITREへのリンク →

Aquatic Panda

Score: 7.59

Matched TTPs:

T1021 - Remote Services
T1036.004 - Masquerade Task or Service
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Storm-0501

Score: 10.99

Matched TTPs:

T1021.006 - Windows Remote Management
T1036.004 - Masquerade Task or Service
T1110 - Brute Force
T1219.002 - Remote Desktop Software

MITREへのリンク →

Sidewinder

Score: 3.29

Matched TTPs:

T1020 - Automated Exfiltration

MITREへのリンク →

RedCurl

Score: 6.32

Matched TTPs:

T1020 - Automated Exfiltration
T1039 - Data from Network Shared Drive

MITREへのリンク →

Winter Vivern

Score: 5.38

Matched TTPs:

T1020 - Automated Exfiltration
T1036.004 - Masquerade Task or Service

MITREへのリンク →

Tropic Trooper

Score: 3.29

Matched TTPs:

T1020 - Automated Exfiltration

MITREへのリンク →

Gamaredon Group

Score: 6.32

Matched TTPs:

T1020 - Automated Exfiltration
T1039 - Data from Network Shared Drive

MITREへのリンク →

APT32

Score: 5.94

Matched TTPs:

T1550.003 - Pass the Ticket
T1036.004 - Masquerade Task or Service

MITREへのリンク →

BRONZE BUTLER

Score: 6.88

Matched TTPs:

T1550.003 - Pass the Ticket
T1039 - Data from Network Shared Drive

MITREへのリンク →

FIN6

Score: 3.74

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Fox Kitten

Score: 12.05

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1210 - Exploitation of Remote Services
T1110 - Brute Force
T1039 - Data from Network Shared Drive
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Magic Hound

Score: 3.74

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Lazarus Group

Score: 11.50

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1027.007 - Dynamic API Resolution
T1021.001 - Remote Desktop Protocol
T1529 - System Shutdown/Reboot

MITREへのリンク →

HAFNIUM

Score: 7.75

Matched TTPs:

T1584.005 - Botnet
T1550.001 - Application Access Token

MITREへのリンク →

Axiom

Score: 9.81

Matched TTPs:

T1584.005 - Botnet
T1563.002 - RDP Hijacking
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

menuPass

Score: 7.43

Matched TTPs:

T1210 - Exploitation of Remote Services
T1039 - Data from Network Shared Drive
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

HEXANE

Score: 4.17

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT38

Score: 6.14

Matched TTPs:

T1110 - Brute Force
T1529 - System Shutdown/Reboot

MITREへのリンク →

Agrius

Score: 4.17

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

APT39

Score: 4.17

Matched TTPs:

T1110 - Brute Force
T1021.001 - Remote Desktop Protocol

MITREへのリンク →

Sowbug

Score: 3.03

Matched TTPs:

T1039 - Data from Network Shared Drive

MITREへのリンク →

Contagious Interview

Score: 7.47

Matched TTPs:

T1219.002 - Remote Desktop Software
T1204.004 - Malicious Copy and Paste

MITREへのリンク →

Mustang Panda

Score: 7.06

Matched TTPs:

T1219.002 - Remote Desktop Software
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT37

Score: 3.62

Matched TTPs:

T1529 - System Shutdown/Reboot

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT28

Score: 0.81

Matched TTPs:

T1133 - External Remote Services
T1110 - Brute Force
T1498 - Network Denial of Service
T1550.001 - Application Access Token
T1039 - Data from Network Shared Drive
T1210 - Exploitation of Remote Services

MITREへのリンク →

Wizard Spider

Score: 0.66

Matched TTPs:

T1133 - External Remote Services
T1036.004 - Masquerade Task or Service
T1021 - Remote Services
T1021.006 - Windows Remote Management
T1021.001 - Remote Desktop Protocol
T1210 - Exploitation of Remote Services

MITREへのリンク →

FIN7

Score: 0.61

Matched TTPs:

T1036.004 - Masquerade Task or Service
T1021.001 - Remote Desktop Protocol
T1674 - Input Injection
T1219 - Remote Access Tools
T1210 - Exploitation of Remote Services

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る