Trusted Design

SonicSpy

概要

Spyware samples disguised as secure messaging apps were recently identified on the Play Store. These initial leads resulted in the discovery of a much larger campaign likely being run by a Middle East based threat actor that is very active and has heavily automated the malware generation process. Analysis suggests they may have also been behind the Android malware family known as SpyNote.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Spyware Disguises as Android Applications on Google Play (score: 0.69)
Exaspy – Commodity Android Spyware Targeting High-level Executives (score: 0.63)
RuMMS: The Latest Family of Android Malware (score: 0.60)
Operation C-Major actors used Mobile Spyware Against Targets (score: 0.60)
Android/BondPath: a Mature Spyware (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Mustard Tempest

Score: 9.08

Matched TTPs:

T1682 - Query Public AI Services
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

APT41

Score: 6.83

Matched TTPs:

T1560.003 - Archive via Custom Method
T1120 - Peripheral Device Discovery
T1548.006 - TCC Manipulation

MITREへのリンク →

Scattered Spider

Score: 13.14

Matched TTPs:

T1560.003 - Archive via Custom Method
T1120 - Peripheral Device Discovery
T1136.002 - Domain Account
T1548.006 - TCC Manipulation
T1588.005 - Exploits

MITREへのリンク →

TA505

Score: 9.08

Matched TTPs:

T1560.003 - Archive via Custom Method
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1027.018 - Invisible Unicode

MITREへのリンク →

Volt Typhoon

Score: 8.37

Matched TTPs:

T1560.003 - Archive via Custom Method
T1159 - Launch Agent
T1548.006 - TCC Manipulation

MITREへのリンク →

APT3

Score: 5.85

Matched TTPs:

T1560.003 - Archive via Custom Method
T1120 - Peripheral Device Discovery
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN13

Score: 8.93

Matched TTPs:

T1560.003 - Archive via Custom Method
T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1548.006 - TCC Manipulation

MITREへのリンク →

Kimsuky

Score: 13.51

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1027.014 - Polymorphic Code
T1027.018 - Invisible Unicode
T1003.003 - NTDS

MITREへのリンク →

Moonstone Sleet

Score: 5.27

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media

MITREへのリンク →

Lazarus Group

Score: 7.43

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1055.005 - Thread Local Storage

MITREへのリンク →

Contagious Interview

Score: 10.77

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1021.006 - Windows Remote Management
T1027.018 - Invisible Unicode

MITREへのリンク →

OilRig

Score: 9.38

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

UNC3886

Score: 8.69

Matched TTPs:

T1606.002 - SAML Tokens
T1021.006 - Windows Remote Management
T1136.002 - Domain Account

MITREへのリンク →

LuminousMoth

Score: 7.89

Matched TTPs:

T1606.002 - SAML Tokens
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1027.018 - Invisible Unicode

MITREへのリンク →

Sandworm Team

Score: 16.66

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1193 - Spearphishing Attachment
T1187 - Forced Authentication
T1548.006 - TCC Manipulation
T1027.018 - Invisible Unicode

MITREへのリンク →

APT29

Score: 3.46

Matched TTPs:

T1606.002 - SAML Tokens
T1027.018 - Invisible Unicode

MITREへのリンク →

Play

Score: 3.30

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery

MITREへのリンク →

RedCurl

Score: 10.69

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1090 - Proxy
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

Moses Staff

Score: 3.30

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery

MITREへのリンク →

Turla

Score: 7.12

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1136.002 - Domain Account
T1027.018 - Invisible Unicode

MITREへのリンク →

Ke3chang

Score: 8.93

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1090 - Proxy
T1548.006 - TCC Manipulation

MITREへのリンク →

Mustang Panda

Score: 20.39

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1169 - Sudo
T1159 - Launch Agent
T1055.005 - Thread Local Storage
T1548.006 - TCC Manipulation
T1027.018 - Invisible Unicode

MITREへのリンク →

TeamTNT

Score: 5.27

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media

MITREへのリンク →

FIN7

Score: 6.63

Matched TTPs:

T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Windigo

Score: 3.95

Matched TTPs:

T1120 - Peripheral Device Discovery
T1159 - Launch Agent

MITREへのリンク →

BlackByte

Score: 3.18

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media

MITREへのリンク →

Blue Mockingbird

Score: 8.49

Matched TTPs:

T1120 - Peripheral Device Discovery
T1027.014 - Polymorphic Code
T1001.001 - Junk Data

MITREへのリンク →

HEXANE

Score: 5.92

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1159 - Launch Agent

MITREへのリンク →

TA2541

Score: 9.74

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

Gamaredon Group

Score: 7.82

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1090 - Proxy
T1027.018 - Invisible Unicode

MITREへのリンク →

APT32

Score: 7.28

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1027.014 - Polymorphic Code
T1027.018 - Invisible Unicode

MITREへのリンク →

Inception

Score: 6.70

Matched TTPs:

T1120 - Peripheral Device Discovery
T1027.014 - Polymorphic Code
T1159 - Launch Agent

MITREへのリンク →

MuddyWater

Score: 5.31

Matched TTPs:

T1120 - Peripheral Device Discovery
T1159 - Launch Agent
T1027.018 - Invisible Unicode

MITREへのリンク →

Sidewinder

Score: 8.60

Matched TTPs:

T1120 - Peripheral Device Discovery
T1090 - Proxy
T1159 - Launch Agent
T1027.018 - Invisible Unicode

MITREへのリンク →

Magic Hound

Score: 6.41

Matched TTPs:

T1120 - Peripheral Device Discovery
T1187 - Forced Authentication
T1027.018 - Invisible Unicode

MITREへのリンク →

Storm-0501

Score: 3.95

Matched TTPs:

T1120 - Peripheral Device Discovery
T1027.014 - Polymorphic Code

MITREへのリンク →

APT42

Score: 5.92

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL

MITREへのリンク →

SideCopy

Score: 5.92

Matched TTPs:

T1120 - Peripheral Device Discovery
T1091 - Replication Through Removable Media
T1159 - Launch Agent

MITREへのリンク →

APT19

Score: 3.95

Matched TTPs:

T1120 - Peripheral Device Discovery
T1027.014 - Polymorphic Code

MITREへのリンク →

FIN8

Score: 5.31

Matched TTPs:

T1120 - Peripheral Device Discovery
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

Tropic Trooper

Score: 9.98

Matched TTPs:

T1120 - Peripheral Device Discovery
T1090 - Proxy
T1128 - Netsh Helper DLL
T1159 - Launch Agent

MITREへのリンク →

Aquatic Panda

Score: 3.66

Matched TTPs:

T1120 - Peripheral Device Discovery
T1136.002 - Domain Account

MITREへのリンク →

Winter Vivern

Score: 5.85

Matched TTPs:

T1120 - Peripheral Device Discovery
T1090 - Proxy
T1027.018 - Invisible Unicode

MITREへのリンク →

Wizard Spider

Score: 4.91

Matched TTPs:

T1120 - Peripheral Device Discovery
T1548.006 - TCC Manipulation
T1027.018 - Invisible Unicode

MITREへのリンク →

Windshift

Score: 5.31

Matched TTPs:

T1120 - Peripheral Device Discovery
T1159 - Launch Agent
T1027.018 - Invisible Unicode

MITREへのリンク →

Medusa Group

Score: 6.29

Matched TTPs:

T1120 - Peripheral Device Discovery
T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation

MITREへのリンク →

Earth Lusca

Score: 5.79

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1027.018 - Invisible Unicode

MITREへのリンク →

LazyScripter

Score: 5.79

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1027.018 - Invisible Unicode

MITREへのリンク →

Saint Bear

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

EXOTIC LILY

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Dragonfly

Score: 6.19

Matched TTPs:

T1193 - Spearphishing Attachment
T1548.006 - TCC Manipulation

MITREへのリンク →

LAPSUS$

Score: 12.49

Matched TTPs:

T1193 - Spearphishing Attachment
T1136.002 - Domain Account
T1548.006 - TCC Manipulation
T1588.005 - Exploits

MITREへのリンク →

Ember Bear

Score: 6.59

Matched TTPs:

T1136.002 - Domain Account
T1003.003 - NTDS

MITREへのリンク →

Andariel

Score: 6.30

Matched TTPs:

T1136.002 - Domain Account
T1187 - Forced Authentication

MITREへのリンク →

Cobalt Group

Score: 6.85

Matched TTPs:

T1027.014 - Polymorphic Code
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

Leviathan

Score: 4.11

Matched TTPs:

T1027.014 - Polymorphic Code
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN6

Score: 5.09

Matched TTPs:

T1128 - Netsh Helper DLL
T1548.006 - TCC Manipulation

MITREへのリンク →

APT28

Score: 3.70

Matched TTPs:

T1548.006 - TCC Manipulation
T1027.018 - Invisible Unicode

MITREへのリンク →

Fox Kitten

Score: 6.19

Matched TTPs:

T1548.006 - TCC Manipulation
T1588.005 - Exploits

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Mustang Panda

Score: 0.81

Matched TTPs:

T1027.018 - Invisible Unicode
T1159 - Launch Agent
T1169 - Sudo
T1091 - Replication Through Removable Media
T1055.005 - Thread Local Storage
T1606.002 - SAML Tokens
T1548.006 - TCC Manipulation
T1120 - Peripheral Device Discovery

MITREへのリンク →

Sandworm Team

Score: 0.68

Matched TTPs:

T1027.018 - Invisible Unicode
T1187 - Forced Authentication
T1091 - Replication Through Removable Media
T1606.002 - SAML Tokens
T1548.006 - TCC Manipulation
T1193 - Spearphishing Attachment
T1120 - Peripheral Device Discovery

MITREへのリンク →

Scattered Spider

Score: 0.57

Matched TTPs:

T1136.002 - Domain Account
T1560.003 - Archive via Custom Method
T1588.005 - Exploits
T1548.006 - TCC Manipulation
T1120 - Peripheral Device Discovery

MITREへのリンク →

Kimsuky

Score: 0.57

Matched TTPs:

T1027.018 - Invisible Unicode
T1003.003 - NTDS
T1091 - Replication Through Removable Media
T1027.014 - Polymorphic Code
T1606.002 - SAML Tokens
T1120 - Peripheral Device Discovery

MITREへのリンク →

LAPSUS$

Score: 0.56

Matched TTPs:

T1193 - Spearphishing Attachment
T1136.002 - Domain Account
T1588.005 - Exploits
T1548.006 - TCC Manipulation

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る