Trusted Design

Threat actor goes on a Chrome extension hijacking spree

Summary

Chrome Extensions are a powerful means of adding functionality to the Chrome browser, with features ranging from easier posting of content on social media to integrated developer tools. At the end of July and beginning of August, several Chrome Extensions were compromised after their authors' Google Account credentials were stolen via a phishing scheme. This resulted in traffic being hijacked and users being exposed to potentially malicious popups and credential theft. We specifically examined the “Web Developer 0.4.9” extension compromise, but found evidence that “Chrometana 1.1.3”, “Infinity New Tab 3.12.3” [8][10], “CopyFish 2.8.5” [9], “Web Paint 1.2.1” [11], and “Social Fixer 20.1.1” [12] were modified by the same actor using the same modus operandi. We believe that the Chrome Extensions TouchVPN and Betternet VPN were also compromised in the same way at the end of June.

Created: 2026-02-23

Indicators

No indicators were found.

Similar Pulses

Threat actors related to this Pulse (fact-based)

Ember Bear

Score: 5.63
Matched TTPs:
  • T1491.002 - External Defacement
  • T1203 - Exploitation for Client Execution

Sandworm Team

Score: 27.12
Matched TTPs:
  • T1491.002 - External Defacement
  • T1586.001 - Social Media Accounts
  • T1598.003 - Spearphishing Link
  • T1087.003 - Email Account
  • T1585.001 - Social Media Accounts
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Volt Typhoon

Score: 13.45
Matched TTPs:
  • T1584.008 - Network Devices
  • T1217 - Browser Information Discovery
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1090.001 - Internal Proxy

APT28

Score: 28.20
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token

ZIRCONIUM

Score: 14.71
Matched TTPs:
  • T1584.008 - Network Devices
  • T1598.003 - Spearphishing Link
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer

Leviathan

Score: 27.28
Matched TTPs:
  • T1584.008 - Network Devices
  • T1586.001 - Social Media Accounts
  • T1102.003 - One-Way Communication
  • T1585.001 - Social Media Accounts
  • T1218.010 - Regsvr32
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Mustard Tempest

Score: 7.08
Matched TTPs:
  • T1583.008 - Malvertising
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

Kimsuky

Score: 30.44
Matched TTPs:
  • T1176.001 - Browser Extensions
  • T1598.003 - Spearphishing Link
  • T1185 - Browser Session Hijacking
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1218.010 - Regsvr32
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts

Sidewinder

Score: 4.73
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

Scattered Spider

Score: 18.96
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1217 - Browser Information Discovery
  • T1657 - Financial Theft
  • T1204 - User Execution
  • T1585.001 - Social Media Accounts
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer

Mustang Panda

Score: 17.79
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1176.002 - IDE Extensions
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

APT32

Score: 22.77
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1078.003 - Local Accounts

Magic Hound

Score: 22.43
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1087.003 - Email Account
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1589.001 - Credentials
  • T1102.002 - Bidirectional Communication
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

Star Blizzard

Score: 4.80
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1585.001 - Social Media Accounts

Moonstone Sleet

Score: 15.23
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1217 - Browser Information Discovery
  • T1585.001 - Social Media Accounts
  • T1195.002 - Compromise Software Supply Chain
  • T1598 - Phishing for Information
  • T1105 - Ingress Tool Transfer

CURIUM

Score: 10.19
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1584.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1189 - Drive-by Compromise

Dragonfly

Score: 15.88
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1036.010 - Masquerade Account Name
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Patchwork

Score: 6.49
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

TA505

Score: 4.40
Matched TTPs:
  • T1087.003 - Email Account
  • T1105 - Ingress Tool Transfer

RedCurl

Score: 6.29
Matched TTPs:
  • T1087.003 - Email Account
  • T1564.001 - Hidden Files and Directories

Medusa Group

Score: 16.32
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer
  • T1218.014 - MMC

Threat Group-3390

Score: 11.10
Matched TTPs:
  • T1608.002 - Upload Tool
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

Fox Kitten

Score: 6.40
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1585.001 - Social Media Accounts
  • T1105 - Ingress Tool Transfer

APT38

Score: 5.83
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

Chimera

Score: 7.50
Matched TTPs:
  • T1217 - Browser Information Discovery
  • T1589.001 - Credentials
  • T1105 - Ingress Tool Transfer

Winter Vivern

Score: 10.70
Matched TTPs:
  • T1056.003 - Web Portal Capture
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

APT29

Score: 10.79
Matched TTPs:
  • T1550.003 - Pass the Ticket
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts

BRONZE BUTLER

Score: 7.88
Matched TTPs:
  • T1550.003 - Pass the Ticket
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

INC Ransom

Score: 3.30
Matched TTPs:
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

Contagious Interview

Score: 6.88
Matched TTPs:
  • T1657 - Financial Theft
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts

Cinnamon Tempest

Score: 3.30
Matched TTPs:
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer

FIN13

Score: 8.89
Matched TTPs:
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1090.001 - Internal Proxy

Storm-0501

Score: 5.27
Matched TTPs:
  • T1657 - Financial Theft
  • T1218.010 - Regsvr32

Water Galura

Score: 4.86
Matched TTPs:
  • T1657 - Financial Theft
  • T1585.001 - Social Media Accounts

Play

Score: 5.97
Matched TTPs:
  • T1657 - Financial Theft
  • T1105 - Ingress Tool Transfer
  • T1078.003 - Local Accounts

Earth Lusca

Score: 10.23
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1584.004 - Server

HAFNIUM

Score: 12.25
Matched TTPs:
  • T1583.006 - Web Services
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1550.001 - Application Access Token
  • T1078.003 - Local Accounts

Turla

Score: 22.62
Matched TTPs:
  • T1583.006 - Web Services
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1555.004 - Windows Credential Manager
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1090.001 - Internal Proxy
  • T1078.003 - Local Accounts

MuddyWater

Score: 6.68
Matched TTPs:
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

FIN7

Score: 13.45
Matched TTPs:
  • T1583.006 - Web Services
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1078.003 - Local Accounts

Lazarus Group

Score: 27.60
Matched TTPs:
  • T1583.006 - Web Services
  • T1574.013 - KernelCallbackTable
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1090.001 - Internal Proxy

Confucius

Score: 4.28
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

Gamaredon Group

Score: 9.32
Matched TTPs:
  • T1583.006 - Web Services
  • T1102.003 - One-Way Communication
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

Saint Bear

Score: 3.51
Matched TTPs:
  • T1583.006 - Web Services
  • T1203 - Exploitation for Client Execution

POLONIUM

Score: 4.41
Matched TTPs:
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication

LAPSUS$

Score: 7.57
Matched TTPs:
  • T1204 - User Execution
  • T1589.001 - Credentials

EXOTIC LILY

Score: 3.83
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1203 - Exploitation for Client Execution

HEXANE

Score: 5.52
Matched TTPs:
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer

TA551

Score: 3.52
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer

Cobalt Group

Score: 7.94
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

Inception

Score: 4.24
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1203 - Exploitation for Client Execution

WIRTE

Score: 3.52
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1105 - Ingress Tool Transfer

APT19

Score: 4.51
Matched TTPs:
  • T1218.010 - Regsvr32
  • T1189 - Drive-by Compromise

APT41

Score: 5.20
Matched TTPs:
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer

Daggerfly

Score: 8.30
Matched TTPs:
  • T1195.002 - Compromise Software Supply Chain
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

APT37

Score: 6.43
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

APT12

Score: 3.89
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

APT39

Score: 6.10
Matched TTPs:
  • T1102.002 - Bidirectional Communication
  • T1105 - Ingress Tool Transfer
  • T1090.001 - Internal Proxy

Andariel

Score: 4.04
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

Axiom

Score: 3.26
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise

Higaisa

Score: 8.27
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1001.003 - Protocol or Service Impersonation
  • T1090.001 - Internal Proxy

APT3

Score: 5.89
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1036.010 - Masquerade Account Name
  • T1105 - Ingress Tool Transfer

Sea Turtle

Score: 4.16
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1078.003 - Local Accounts

Transparent Tribe

Score: 5.92
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1564.001 - Hidden Files and Directories

Tropic Trooper

Score: 7.60
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories
  • T1078.003 - Local Accounts

Elderwood

Score: 4.04
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

Darkhotel

Score: 4.04
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1189 - Drive-by Compromise
  • T1105 - Ingress Tool Transfer

OilRig

Score: 10.43
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1555.004 - Windows Credential Manager
  • T1105 - Ingress Tool Transfer

Stealth Falcon

Score: 3.62
Matched TTPs:
  • T1555.004 - Windows Credential Manager

Wizard Spider

Score: 4.40
Matched TTPs:
  • T1555.004 - Windows Credential Manager
  • T1105 - Ingress Tool Transfer

Storm-1811

Score: 4.40
Matched TTPs:
  • T1036.010 - Masquerade Account Name
  • T1105 - Ingress Tool Transfer

PROMETHIUM

Score: 4.43
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1078.003 - Local Accounts

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 7.06
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1090.001 - Internal Proxy

Indrik Spider

Score: 3.61
Matched TTPs:
  • T1584.004 - Server
  • T1105 - Ingress Tool Transfer

Rocke

Score: 3.44
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

LuminousMoth

Score: 3.44
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1564.001 - Hidden Files and Directories

Velvet Ant

Score: 5.59
Matched TTPs:
  • T1090.001 - Internal Proxy
  • T1078.003 - Local Accounts

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.79
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1598.003 - Spearphishing Link
  • T1218.010 - Regsvr32
  • T1657 - Financial Theft
  • T1598 - Phishing for Information
  • T1185 - Browser Session Hijacking
  • T1583.006 - Web Services
  • T1585.001 - Social Media Accounts
  • T1102.002 - Bidirectional Communication
  • T1176.001 - Browser Extensions
  • T1078.003 - Local Accounts

APT28

Score: 0.77
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1598.003 - Spearphishing Link
  • T1550.001 - Application Access Token
  • T1589.001 - Credentials
  • T1598 - Phishing for Information
  • T1189 - Drive-by Compromise
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1584.008 - Network Devices
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution

Sandworm Team

Score: 0.74
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1598.003 - Spearphishing Link
  • T1087.003 - Email Account
  • T1584.004 - Server
  • T1585.001 - Social Media Accounts
  • T1195.002 - Compromise Software Supply Chain
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1491.002 - External Defacement
  • T1586.001 - Social Media Accounts

Leviathan

Score: 0.72
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1218.010 - Regsvr32
  • T1589.001 - Credentials
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1585.001 - Social Media Accounts
  • T1584.008 - Network Devices
  • T1203 - Exploitation for Client Execution
  • T1102.003 - One-Way Communication
  • T1586.001 - Social Media Accounts

Lazarus Group

Score: 0.72
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1189 - Drive-by Compromise
  • T1001.003 - Protocol or Service Impersonation
  • T1585.001 - Social Media Accounts
  • T1583.006 - Web Services
  • T1574.013 - KernelCallbackTable
  • T1584.004 - Server
  • T1564.001 - Hidden Files and Directories
  • T1102.002 - Bidirectional Communication
  • T1203 - Exploitation for Client Execution
  • T1090.001 - Internal Proxy

APT32

Score: 0.63
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1218.010 - Regsvr32
  • T1598.003 - Spearphishing Link
  • T1189 - Drive-by Compromise
  • T1585.001 - Social Media Accounts
  • T1583.006 - Web Services
  • T1564.001 - Hidden Files and Directories
  • T1550.003 - Pass the Ticket
  • T1203 - Exploitation for Client Execution
  • T1078.003 - Local Accounts

Turla

Score: 0.63
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1555.004 - Windows Credential Manager
  • T1189 - Drive-by Compromise
  • T1584.004 - Server
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1090.001 - Internal Proxy
  • T1584.006 - Web Services
  • T1078.003 - Local Accounts

Magic Hound

Score: 0.61
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1598.003 - Spearphishing Link
  • T1589.001 - Credentials
  • T1036.010 - Masquerade Account Name
  • T1087.003 - Email Account
  • T1189 - Drive-by Compromise
  • T1585.001 - Social Media Accounts
  • T1583.006 - Web Services
  • T1102.002 - Bidirectional Communication

Scattered Spider

Score: 0.56
Matched TTPs:
  • T1105 - Ingress Tool Transfer
  • T1598.003 - Spearphishing Link
  • T1217 - Browser Information Discovery
  • T1657 - Financial Theft
  • T1598 - Phishing for Information
  • T1585.001 - Social Media Accounts
  • T1204 - User Execution

Related CVEs

No CVEs were found for this Pulse.
