Trusted Design

FinFisher surveillance campaigns: Are internet providers involved?

概要

New surveillance campaigns utilizing FinFisher, infamous spyware known also as FinSpy and sold to governments and their agencies worldwide, are in the wild. Besides featuring technical improvements, some of these variants have been using a cunning, previously-unseen infection vector with strong indicators of major internet service provider (ISP) involvement.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

FinFisher campaigns using infamous spyware FinSpy, is in the wind (score: 0.81)
StrongPity2 spyware replaces FinFisher in MitM campaign – ISP involved? (score: 0.78)
Sandvine’s PacketLogic Devices Used to Deploy Government Spyware in Turkey (score: 0.67)
WanaCrypt0r Ransomworm (score: 0.57)
Large Malvertising Campaign Leads to Angler EK & Bunitu Malware (score: 0.56)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 15.45

Matched TTPs:

T1583 - Acquire Infrastructure
T1608.001 - Upload Malware
T1583.006 - Web Services
T1218.010 - Regsvr32
T1102.002 - Bidirectional Communication
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Sea Turtle

Score: 3.03

Matched TTPs:

T1583 - Acquire Infrastructure

MITREへのリンク →

Ember Bear

Score: 3.03

Matched TTPs:

T1583 - Acquire Infrastructure

MITREへのリンク →

Indrik Spider

Score: 3.03

Matched TTPs:

T1583 - Acquire Infrastructure

MITREへのリンク →

Agrius

Score: 3.03

Matched TTPs:

T1583 - Acquire Infrastructure

MITREへのリンク →

Contagious Interview

Score: 11.15

Matched TTPs:

T1583 - Acquire Infrastructure
T1608.001 - Upload Malware
T1681 - Search Threat Vendor Data
T1583.006 - Web Services

MITREへのリンク →

Sandworm Team

Score: 7.40

Matched TTPs:

T1583 - Acquire Infrastructure
T1608.001 - Upload Malware
T1102.002 - Bidirectional Communication

MITREへのリンク →

Star Blizzard

Score: 5.01

Matched TTPs:

T1583 - Acquire Infrastructure
T1608.001 - Upload Malware

MITREへのリンク →

TA2541

Score: 6.73

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Earth Lusca

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Mustang Panda

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

OilRig

Score: 4.72

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

LazyScripter

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

Gamaredon Group

Score: 6.38

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

APT32

Score: 10.58

Matched TTPs:

T1608.001 - Upload Malware
T1550.003 - Pass the Ticket
T1583.006 - Web Services
T1218.010 - Regsvr32

MITREへのリンク →

HEXANE

Score: 4.37

Matched TTPs:

T1608.001 - Upload Malware
T1102.002 - Bidirectional Communication

MITREへのリンク →

Saint Bear

Score: 3.99

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services

MITREへのリンク →

FIN7

Score: 6.38

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

APT42

Score: 4.72

Matched TTPs:

T1608.001 - Upload Malware
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1681 - Search Threat Vendor Data

MITREへのリンク →

APT29

Score: 5.86

Matched TTPs:

T1550.003 - Pass the Ticket
T1583.006 - Web Services

MITREへのリンク →

BRONZE BUTLER

Score: 7.13

Matched TTPs:

T1550.003 - Pass the Ticket
T1102.001 - Dead Drop Resolver

MITREへのリンク →

Medusa Group

Score: 4.76

Matched TTPs:

T1583.006 - Web Services
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Turla

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

ZIRCONIUM

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

MuddyWater

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

APT28

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

Lazarus Group

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

POLONIUM

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

Magic Hound

Score: 4.41

Matched TTPs:

T1583.006 - Web Services
T1102.002 - Bidirectional Communication

MITREへのリンク →

Cobalt Group

Score: 5.49

Matched TTPs:

T1218.010 - Regsvr32
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Storm-0501

Score: 6.59

Matched TTPs:

T1218.010 - Regsvr32
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

RedCurl

Score: 6.59

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1537 - Transfer Data to Cloud Account

MITREへのリンク →

INC Ransom

Score: 3.84

Matched TTPs:

T1537 - Transfer Data to Cloud Account

MITREへのリンク →

Rocke

Score: 3.29

Matched TTPs:

T1102.001 - Dead Drop Resolver

MITREへのリンク →

APT41

Score: 3.29

Matched TTPs:

T1102.001 - Dead Drop Resolver

MITREへのリンク →

RTM

Score: 3.29

Matched TTPs:

T1102.001 - Dead Drop Resolver

MITREへのリンク →

Patchwork

Score: 3.29

Matched TTPs:

T1102.001 - Dead Drop Resolver

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.80

Matched TTPs:

T1102.002 - Bidirectional Communication
T1102.001 - Dead Drop Resolver
T1583 - Acquire Infrastructure
T1583.006 - Web Services
T1608.001 - Upload Malware
T1218.010 - Regsvr32

MITREへのリンク →

APT32

Score: 0.60

Matched TTPs:

T1608.001 - Upload Malware
T1550.003 - Pass the Ticket
T1218.010 - Regsvr32
T1583.006 - Web Services

MITREへのリンク →

Contagious Interview

Score: 0.60

Matched TTPs:

T1608.001 - Upload Malware
T1681 - Search Threat Vendor Data
T1583.006 - Web Services
T1583 - Acquire Infrastructure

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る