Trusted Design

New ICS Attack Framework “TRITON” targeting Critical Infrastructure - Mjolnir Security

概要

TRITON is one of a limited number of publicly identified malicious software families targeted at industrial control systems (ICS). It follows Stuxnet which was used against Iran in 2010 and Industroyer which we believe was deployed by Sandworm Team against Ukraine in 2016. TRITON is consistent with these attacks, in that it could prevent safety mechanisms from executing their intended function, resulting in a physical consequence.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 11.47
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

FIN13

Score: 7.34
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy
MITREへのリンク →

Moonstone Sleet

Score: 8.99
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Indrik Spider

Score: 3.89
Matched TTPs:
  • T1587.001 - Malware
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Lazarus Group

Score: 25.88
Matched TTPs:
  • T1587.001 - Malware
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1574.013 - KernelCallbackTable
  • T1562.001 - Disable or Modify Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
  • T1090.001 - Internal Proxy
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Contagious Interview

Score: 15.71
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1681 - Search Threat Vendor Data
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

OilRig

Score: 15.53
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

UNC3886

Score: 15.12
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1205.001 - Port Knocking
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

LuminousMoth

Score: 4.92
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
MITREへのリンク →

Sandworm Team

Score: 17.69
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Salt Typhoon

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
MITREへのリンク →

APT29

Score: 14.80
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Play

Score: 6.21
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Aoqin Dragon

Score: 4.44
Matched TTPs:
  • T1587.001 - Malware
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

RedCurl

Score: 4.84
Matched TTPs:
  • T1587.001 - Malware
  • T1573.002 - Asymmetric Cryptography
MITREへのリンク →

Moses Staff

Score: 4.41
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
MITREへのリンク →

Turla

Score: 10.01
Matched TTPs:
  • T1587.001 - Malware
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1090.001 - Internal Proxy
MITREへのリンク →

Ke3chang

Score: 10.66
Matched TTPs:
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

Mustang Panda

Score: 18.23
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1608 - Stage Capabilities
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

TeamTNT

Score: 10.40
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1610 - Deploy Container
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

FIN7

Score: 8.79
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

HAFNIUM

Score: 8.94
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
MITREへのリンク →

APT5

Score: 5.31
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

TA2541

Score: 7.37
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1573.002 - Asymmetric Cryptography
MITREへのリンク →

Earth Lusca

Score: 6.63
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

Gamaredon Group

Score: 10.58
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Threat Group-3390

Score: 9.92
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

SideCopy

Score: 4.72
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1518 - Software Discovery
MITREへのリンク →

TA505

Score: 4.62
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

BlackByte

Score: 7.64
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1569.002 - Service Execution
MITREへのリンク →

BITTER

Score: 7.94
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT32

Score: 10.00
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
  • T1203 - Exploitation for Client Execution
  • T1569.002 - Service Execution
MITREへのリンク →

HEXANE

Score: 5.57
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1518 - Software Discovery
MITREへのリンク →

Saint Bear

Score: 5.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

EXOTIC LILY

Score: 5.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

APT42

Score: 5.57
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
MITREへのリンク →

Ember Bear

Score: 8.61
Matched TTPs:
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Rocke

Score: 10.17
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

Volt Typhoon

Score: 13.96
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1584.005 - Botnet
  • T1588.002 - Tool
  • T1518 - Software Discovery
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT28

Score: 15.23
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1498 - Network Denial of Service
  • T1211 - Exploitation for Defense Evasion
MITREへのリンク →

BlackTech

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Magic Hound

Score: 12.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1573 - Encrypted Channel
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Medusa Group

Score: 21.55
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1573.002 - Asymmetric Cryptography
  • T1569.002 - Service Execution
  • T1529 - System Shutdown/Reboot
  • T1218.014 - MMC
MITREへのリンク →

Sea Turtle

Score: 7.43
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Fox Kitten

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
MITREへのリンク →

Cinnamon Tempest

Score: 4.66
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

Agrius

Score: 3.27
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

menuPass

Score: 8.35
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
MITREへのリンク →

ToddyCat

Score: 3.99
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Blue Mockingbird

Score: 7.06
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

GALLIUM

Score: 8.35
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1036.003 - Rename Legitimate Utilities
MITREへのリンク →

INC Ransom

Score: 6.51
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1569.002 - Service Execution
MITREへのリンク →

Dragonfly

Score: 3.81
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Axiom

Score: 11.12
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1584.005 - Botnet
  • T1203 - Exploitation for Client Execution
  • T1001.002 - Steganography
MITREへのリンク →

APT41

Score: 11.84
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1569.002 - Service Execution
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

MuddyWater

Score: 14.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1518 - Software Discovery
MITREへのリンク →

APT39

Score: 10.39
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1569.002 - Service Execution
  • T1090.001 - Internal Proxy
MITREへのリンク →

FIN5

Score: 3.60
Matched TTPs:
  • T1090.002 - External Proxy
  • T1588.002 - Tool
MITREへのリンク →

Tonto Team

Score: 4.24
Matched TTPs:
  • T1090.002 - External Proxy
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT3

Score: 4.24
Matched TTPs:
  • T1090.002 - External Proxy
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Silence

Score: 5.99
Matched TTPs:
  • T1090.002 - External Proxy
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

CopyKittens

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

LAPSUS$

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

Windigo

Score: 5.09
Matched TTPs:
  • T1090 - Proxy
  • T1518 - Software Discovery
MITREへのリンク →

POLONIUM

Score: 3.19
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool
MITREへのリンク →

Scattered Spider

Score: 9.52
Matched TTPs:
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1538 - Cloud Service Dashboard
MITREへのリンク →

PROMETHIUM

Score: 4.13
Matched TTPs:
  • T1205.001 - Port Knocking
MITREへのリンク →

Inception

Score: 5.09
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Wizard Spider

Score: 5.04
Matched TTPs:
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1569.002 - Service Execution
MITREへのリンク →

Storm-1811

Score: 3.37
Matched TTPs:
  • T1588.002 - Tool
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

BRONZE BUTLER

Score: 10.17
Matched TTPs:
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

FIN8

Score: 3.60
Matched TTPs:
  • T1588.002 - Tool
  • T1573.002 - Asymmetric Cryptography
MITREへのリンク →

FIN6

Score: 10.31
Matched TTPs:
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1573.002 - Asymmetric Cryptography
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Patchwork

Score: 5.63
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

Cobalt Group

Score: 5.09
Matched TTPs:
  • T1588.002 - Tool
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
MITREへのリンク →

Lotus Blossom

Score: 3.78
Matched TTPs:
  • T1588.002 - Tool
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT38

Score: 11.95
Matched TTPs:
  • T1588.002 - Tool
  • T1562.001 - Disable or Modify Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1569.002 - Service Execution
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Chimera

Score: 3.25
Matched TTPs:
  • T1588.002 - Tool
  • T1569.002 - Service Execution
MITREへのリンク →

Velvet Ant

Score: 14.00
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1573.002 - Asymmetric Cryptography
  • T1569.002 - Service Execution
  • T1090.001 - Internal Proxy
  • T1211 - Exploitation for Defense Evasion
MITREへのリンク →

Tropic Trooper

Score: 10.61
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1203 - Exploitation for Client Execution
  • T1573.002 - Asymmetric Cryptography
  • T1518 - Software Discovery
MITREへのリンク →

Daggerfly

Score: 3.29
Matched TTPs:
  • T1036.003 - Rename Legitimate Utilities
MITREへのリンク →

Sidewinder

Score: 4.24
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Higaisa

Score: 4.42
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1090.001 - Internal Proxy
MITREへのリンク →

APT37

Score: 5.12
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

Strider

Score: 7.06
Matched TTPs:
  • T1564.005 - Hidden File System
  • T1090.001 - Internal Proxy
MITREへのリンク →

Windshift

Score: 5.27
Matched TTPs:
  • T1518 - Software Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

RTM

Score: 3.29
Matched TTPs:
  • T1102.001 - Dead Drop Resolver
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Lazarus Group

Score: 0.80
Matched TTPs:
  • T1529 - System Shutdown/Reboot
  • T1203 - Exploitation for Client Execution
  • T1566.003 - Spearphishing via Service
  • T1036.003 - Rename Legitimate Utilities
  • T1090.001 - Internal Proxy
  • T1588.002 - Tool
  • T1090.002 - External Proxy
  • T1574.013 - KernelCallbackTable
  • T1587.001 - Malware
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Medusa Group

Score: 0.68
Matched TTPs:
  • T1529 - System Shutdown/Reboot
  • T1608.002 - Upload Tool
  • T1573.002 - Asymmetric Cryptography
  • T1588.002 - Tool
  • T1190 - Exploit Public-Facing Application
  • T1569.002 - Service Execution
  • T1562.001 - Disable or Modify Tools
  • T1218.014 - MMC
MITREへのリンク →

Sandworm Team

Score: 0.64
Matched TTPs:
  • T1195 - Supply Chain Compromise
  • T1203 - Exploitation for Client Execution
  • T1090 - Proxy
  • T1588.002 - Tool
  • T1190 - Exploit Public-Facing Application
  • T1608.001 - Upload Malware
  • T1587.001 - Malware
  • T1584.005 - Botnet
MITREへのリンク →

Mustang Panda

Score: 0.59
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1588.002 - Tool
  • T1608 - Stage Capabilities
  • T1608.001 - Upload Malware
  • T1518 - Software Discovery
  • T1587.001 - Malware
  • T1176.002 - IDE Extensions
MITREへのリンク →

UNC3886

Score: 0.57
Matched TTPs:
  • T1205.001 - Port Knocking
  • T1203 - Exploitation for Client Execution
  • T1681 - Search Threat Vendor Data
  • T1190 - Exploit Public-Facing Application
  • T1587.001 - Malware
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る