Trusted Design

TRITON...... Iran Vs Saudi Arabia

概要

TRITON is one of a limited number of publicly identified malicious software families targeted at industrial control systems (ICS). It follows Stuxnet which was used against Iran in 2010 and Industroyer which we believe was deployed by Sandworm Team against Ukraine in 2016. TRITON is consistent with these attacks, in that it could prevent safety mechanisms from executing their intended function, resulting in a physical consequence.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

New ICS Attack Framework “TRITON” targeting Critical Infrastructure - Mjolnir Security (score: 0.81)
Targets Middle Eastern Telecommunications Companies (score: 0.50)
Domestic Kitten: An Iranian Surveillance Operation (score: 0.46)
Domestic Kitten: An Iranian Surveillance Operation (score: 0.46)
Targeted Attack Distributes PlugX in Russia (score: 0.45)

このPulseに関連する脅威アクター (事実ベース)

TeamTNT

Score: 4.54

Matched TTPs:

T1610 - Deploy Container

MITREへのリンク →

PROMETHIUM

Score: 4.13

Matched TTPs:

T1205.001 - Port Knocking

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1205.001 - Port Knocking

MITREへのリンク →

Lazarus Group

Score: 13.97

Matched TTPs:

T1574.013 - KernelCallbackTable
T1036.003 - Rename Legitimate Utilities
T1566.003 - Spearphishing via Service
T1529 - System Shutdown/Reboot

MITREへのリンク →

menuPass

Score: 3.29

Matched TTPs:

T1036.003 - Rename Legitimate Utilities

MITREへのリンク →

Daggerfly

Score: 3.29

Matched TTPs:

T1036.003 - Rename Legitimate Utilities

MITREへのリンク →

APT32

Score: 5.68

Matched TTPs:

T1036.003 - Rename Legitimate Utilities
T1569.002 - Service Execution

MITREへのリンク →

APT38

Score: 9.30

Matched TTPs:

T1036.003 - Rename Legitimate Utilities
T1569.002 - Service Execution
T1529 - System Shutdown/Reboot

MITREへのリンク →

GALLIUM

Score: 3.29

Matched TTPs:

T1036.003 - Rename Legitimate Utilities

MITREへのリンク →

Velvet Ant

Score: 9.28

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1569.002 - Service Execution
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Medusa Group

Score: 13.30

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1569.002 - Service Execution
T1529 - System Shutdown/Reboot
T1218.014 - MMC

MITREへのリンク →

OilRig

Score: 5.27

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service

MITREへのリンク →

FIN6

Score: 7.67

Matched TTPs:

T1573.002 - Asymmetric Cryptography
T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT28

Score: 8.67

Matched TTPs:

T1498 - Network Denial of Service
T1211 - Exploitation for Defense Evasion

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Scattered Spider

Score: 4.54

Matched TTPs:

T1538 - Cloud Service Dashboard

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1001.002 - Steganography

MITREへのリンク →

Moonstone Sleet

Score: 4.92

Matched TTPs:

T1569.002 - Service Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT37

Score: 3.62

Matched TTPs:

T1529 - System Shutdown/Reboot

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.80

Matched TTPs:

T1574.013 - KernelCallbackTable
T1529 - System Shutdown/Reboot
T1566.003 - Spearphishing via Service
T1036.003 - Rename Legitimate Utilities

MITREへのリンク →

Medusa Group

Score: 0.73

Matched TTPs:

T1529 - System Shutdown/Reboot
T1569.002 - Service Execution
T1573.002 - Asymmetric Cryptography
T1218.014 - MMC

MITREへのリンク →

Velvet Ant

Score: 0.56

Matched TTPs:

T1211 - Exploitation for Defense Evasion
T1569.002 - Service Execution
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

APT38

Score: 0.55

Matched TTPs:

T1529 - System Shutdown/Reboot
T1569.002 - Service Execution
T1036.003 - Rename Legitimate Utilities

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る