Trusted Design

fake Sage invoice via Necurs botnet delivers Globeimposter Ransomware | My Online Security

概要

From MyOnlineSecurity: The next in the never ending series of malware downloaders via the Necurs botnet is an email with the subject of Invoice_3207070 ( random numbers) pretending to come from sage.co.uk They use email addresses and subjects that will entice, persuade, scare or shock a recipient to read the email and open the attachment. sage.co.uk has not been hacked or had their email or other servers compromised. They are not sending the emails to you. They are just innocent victims in exactly the same way as every recipient of these emails.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Malware spam: "Your Sage subscription invoice is ready" (score: 0.78)
more Necurs botnet sent fake invoices deliver malware My Online Security (score: 0.76)
Fake Amazon Marketplace invoice emails deliver ransomware via Necurs botnet (score: 0.71)
Globeimposter ransomware continues to be delivered via Necurs botnet using fake scanner or printer messages | My Online Security (score: 0.69)
more Necurs botnet sent fake invoices deliver malware My Online Security (score: 0.68)

このPulseに関連する脅威アクター (事実ベース)

Scattered Spider

Score: 15.99

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy
T1566.002 - Spearphishing Link
T1144 - Gatekeeper Bypass
T1552.003 - Shell History
T1030 - Data Transfer Size Limits

MITREへのリンク →

FIN4

Score: 4.13

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy

MITREへのリンク →

Mustard Tempest

Score: 6.51

Matched TTPs:

T1682 - Query Public AI Services
T1091 - Replication Through Removable Media

MITREへのリンク →

Sidewinder

Score: 6.08

Matched TTPs:

T1566.002 - Spearphishing Link
T1657 - Financial Theft

MITREへのリンク →

Mustang Panda

Score: 8.56

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1055.005 - Thread Local Storage

MITREへのリンク →

Sandworm Team

Score: 13.28

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1049 - System Network Connections Discovery
T1547.002 - Authentication Package
T1546.016 - Installer Packages

MITREへのリンク →

ZIRCONIUM

Score: 4.86

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.002 - Authentication Package

MITREへのリンク →

APT32

Score: 4.43

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media

MITREへのリンク →

Kimsuky

Score: 15.67

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall
T1547.002 - Authentication Package
T1030 - Data Transfer Size Limits

MITREへのリンク →

Magic Hound

Score: 7.38

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1547.008 - LSASS Driver

MITREへのリンク →

APT28

Score: 13.53

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.002 - Authentication Package
T1146 - Clear Command History
T1566.003 - Spearphishing via Service

MITREへのリンク →

Star Blizzard

Score: 8.05

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1657 - Financial Theft

MITREへのリンク →

Moonstone Sleet

Score: 6.95

Matched TTPs:

T1566.002 - Spearphishing Link
T1091 - Replication Through Removable Media
T1547.008 - LSASS Driver

MITREへのリンク →

CURIUM

Score: 4.98

Matched TTPs:

T1566.002 - Spearphishing Link
T1547.008 - LSASS Driver

MITREへのリンク →

Dragonfly

Score: 8.91

Matched TTPs:

T1566.002 - Spearphishing Link
T1657 - Financial Theft
T1546.016 - Installer Packages

MITREへのリンク →

HAFNIUM

Score: 7.47

Matched TTPs:

T1027.008 - Stripped Payloads
T1049 - System Network Connections Discovery

MITREへのリンク →

APT5

Score: 3.84

Matched TTPs:

T1027.008 - Stripped Payloads

MITREへのリンク →

Ke3chang

Score: 3.84

Matched TTPs:

T1027.008 - Stripped Payloads

MITREへのリンク →

Earth Lusca

Score: 4.81

Matched TTPs:

T1091 - Replication Through Removable Media
T1546.016 - Installer Packages

MITREへのリンク →

OilRig

Score: 4.50

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.008 - LSASS Driver

MITREへのリンク →

Gamaredon Group

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.002 - Authentication Package

MITREへのリンク →

SideCopy

Score: 5.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1657 - Financial Theft

MITREへのリンク →

HEXANE

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.002 - Authentication Package

MITREへのリンク →

Saint Bear

Score: 5.01

Matched TTPs:

T1091 - Replication Through Removable Media
T1030 - Data Transfer Size Limits

MITREへのリンク →

Contagious Interview

Score: 10.05

Matched TTPs:

T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1030 - Data Transfer Size Limits
T1547.008 - LSASS Driver

MITREへのリンク →

FIN7

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.002 - Authentication Package

MITREへのリンク →

EXOTIC LILY

Score: 4.50

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.008 - LSASS Driver

MITREへのリンク →

APT42

Score: 5.01

Matched TTPs:

T1091 - Replication Through Removable Media
T1030 - Data Transfer Size Limits

MITREへのリンク →

MoustachedBouncer

Score: 4.54

Matched TTPs:

T1055.003 - Thread Execution Hijacking

MITREへのリンク →

Aquatic Panda

Score: 3.84

Matched TTPs:

T1144 - Gatekeeper Bypass

MITREへのリンク →

FIN13

Score: 6.37

Matched TTPs:

T1144 - Gatekeeper Bypass
T1552.003 - Shell History

MITREへのリンク →

Axiom

Score: 6.91

Matched TTPs:

T1049 - System Network Connections Discovery
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Volt Typhoon

Score: 6.45

Matched TTPs:

T1049 - System Network Connections Discovery
T1546.016 - Installer Packages

MITREへのリンク →

INC Ransom

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

AppleJeus

Score: 5.81

Matched TTPs:

T1552.003 - Shell History
T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

PROMETHIUM

Score: 4.13

Matched TTPs:

T1547.015 - Login Items

MITREへのリンク →

UNC3886

Score: 4.13

Matched TTPs:

T1547.015 - Login Items

MITREへのリンク →

Sea Turtle

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

GOLD SOUTHFIELD

Score: 3.29

Matched TTPs:

T1562.013 - Disable or Modify Network Device Firewall

MITREへのリンク →

Storm-1811

Score: 14.63

Matched TTPs:

T1486 - Data Encrypted for Impact
T1567.003 - Exfiltration to Text Storage Sites
T1030 - Data Transfer Size Limits
T1547.008 - LSASS Driver

MITREへのリンク →

Lazarus Group

Score: 11.89

Matched TTPs:

T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1055.005 - Thread Local Storage
T1547.008 - LSASS Driver

MITREへのリンク →

Turla

Score: 5.23

Matched TTPs:

T1547.002 - Authentication Package
T1546.016 - Installer Packages

MITREへのリンク →

LAPSUS$

Score: 3.03

Matched TTPs:

T1030 - Data Transfer Size Limits

MITREへのリンク →

APT41

Score: 3.03

Matched TTPs:

T1030 - Data Transfer Size Limits

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

APT38

Score: 4.54

Matched TTPs:

T1059.005 - Visual Basic

MITREへのリンク →

Velvet Ant

Score: 4.13

Matched TTPs:

T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Storm-1811

Score: 0.80

Matched TTPs:

T1567.003 - Exfiltration to Text Storage Sites
T1486 - Data Encrypted for Impact
T1030 - Data Transfer Size Limits
T1547.008 - LSASS Driver

MITREへのリンク →

Scattered Spider

Score: 0.79

Matched TTPs:

T1666 - Modify Cloud Resource Hierarchy
T1030 - Data Transfer Size Limits
T1566.002 - Spearphishing Link
T1144 - Gatekeeper Bypass
T1552.003 - Shell History

MITREへのリンク →

Kimsuky

Score: 0.77

Matched TTPs:

T1547.002 - Authentication Package
T1091 - Replication Through Removable Media
T1030 - Data Transfer Size Limits
T1566.002 - Spearphishing Link
T1562.013 - Disable or Modify Network Device Firewall
T1552.003 - Shell History

MITREへのリンク →

APT28

Score: 0.69

Matched TTPs:

T1146 - Clear Command History
T1566.003 - Spearphishing via Service
T1547.002 - Authentication Package
T1566.002 - Spearphishing Link

MITREへのリンク →

Sandworm Team

Score: 0.67

Matched TTPs:

T1049 - System Network Connections Discovery
T1547.002 - Authentication Package
T1091 - Replication Through Removable Media
T1566.002 - Spearphishing Link
T1546.016 - Installer Packages

MITREへのリンク →

Lazarus Group

Score: 0.62

Matched TTPs:

T1546.016 - Installer Packages
T1547.008 - LSASS Driver
T1547.002 - Authentication Package
T1055.005 - Thread Local Storage

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る