Trusted Design

Triout Android Spyware Framework Makes a Comeback, Abusing App with 50 Million Downloads

概要

In August 2018, Bitdefender researchers stumbled across an Android malware framework, dubbed Triout, which packed massive surveillance capabilities. Bundled with a legitimate application ripped from the official Google Play marketplace, the spyware framework can hide its existence on the device, record phone calls, log incoming text messages, record videos, take pictures, and even collect GPS coordinates. All of this information is sent to a Command & Control server managed by the threat actors, without triggering alarms from its victims.

Created: 2026-02-23

Indicators

Indicatorsは見つかっていない。

類似Pulses

Spyware Disguises as Android Applications on Google Play (score: 0.67)
Android Developers Blog: From Chrysaor to Lipizzan: Blocking a new targeted spyware family (score: 0.63)
spyware android (score: 0.62)
Igexin Spyware (score: 0.61)
BusyGasper – the unfriendly spy (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Mustard Tempest

Score: 11.05

Matched TTPs:

T1682 - Query Public AI Services
T1091 - Replication Through Removable Media
T1543.002 - Systemd Service

MITREへのリンク →

Sandworm Team

Score: 6.44

Matched TTPs:

T1091 - Replication Through Removable Media
T1016.002 - Wi-Fi Discovery
T1199 - Trusted Relationship

MITREへのリンク →

TA2541

Score: 5.28

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Earth Lusca

Score: 5.28

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Mustang Panda

Score: 10.80

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1567.002 - Exfiltration to Cloud Storage
T1055.005 - Thread Local Storage

MITREへのリンク →

LuminousMoth

Score: 5.28

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Kimsuky

Score: 18.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1654 - Log Enumeration
T1199 - Trusted Relationship
T1197 - BITS Jobs
T1126 - Network Share Connection Removal
T1003.003 - NTDS

MITREへのリンク →

LazyScripter

Score: 4.43

Matched TTPs:

T1091 - Replication Through Removable Media
T1136.002 - Domain Account

MITREへのリンク →

Gamaredon Group

Score: 7.36

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1061 - Graphical User Interface

MITREへのリンク →

TA505

Score: 8.90

Matched TTPs:

T1091 - Replication Through Removable Media
T1016.002 - Wi-Fi Discovery
T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

BlackByte

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT32

Score: 9.06

Matched TTPs:

T1091 - Replication Through Removable Media
T1592.004 - Client Configurations
T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Moonstone Sleet

Score: 11.66

Matched TTPs:

T1091 - Replication Through Removable Media
T1197 - BITS Jobs
T1126 - Network Share Connection Removal
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Contagious Interview

Score: 6.67

Matched TTPs:

T1091 - Replication Through Removable Media
T1199 - Trusted Relationship
T1126 - Network Share Connection Removal

MITREへのリンク →

FIN7

Score: 9.06

Matched TTPs:

T1091 - Replication Through Removable Media
T1098.004 - SSH Authorized Keys
T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Magic Hound

Score: 4.47

Matched TTPs:

T1016.002 - Wi-Fi Discovery
T1199 - Trusted Relationship

MITREへのリンク →

RedCurl

Score: 3.62

Matched TTPs:

T1016.002 - Wi-Fi Discovery

MITREへのリンク →

Ember Bear

Score: 10.44

Matched TTPs:

T1098.004 - SSH Authorized Keys
T1136.002 - Domain Account
T1003.003 - NTDS

MITREへのリンク →

Silence

Score: 7.09

Matched TTPs:

T1098.004 - SSH Authorized Keys
T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

LAPSUS$

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Metador

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

APT1

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Aquatic Panda

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Turla

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

BackdoorDiplomacy

Score: 3.31

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship

MITREへのリンク →

Scattered Spider

Score: 6.75

Matched TTPs:

T1136.002 - Domain Account
T1199 - Trusted Relationship
T1197 - BITS Jobs

MITREへのリンク →

APT29

Score: 4.69

Matched TTPs:

T1592.004 - Client Configurations
T1199 - Trusted Relationship

MITREへのリンク →

BRONZE BUTLER

Score: 4.69

Matched TTPs:

T1592.004 - Client Configurations
T1199 - Trusted Relationship

MITREへのリンク →

Dragonfly

Score: 4.98

Matched TTPs:

T1654 - Log Enumeration
T1199 - Trusted Relationship

MITREへのリンク →

Medusa Group

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT28

Score: 4.29

Matched TTPs:

T1199 - Trusted Relationship
T1197 - BITS Jobs

MITREへのリンク →

Wizard Spider

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT41

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT39

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

FIN6

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Ke3chang

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Lazarus Group

Score: 8.83

Matched TTPs:

T1199 - Trusted Relationship
T1567.002 - Exfiltration to Cloud Storage
T1055.005 - Thread Local Storage

MITREへのリンク →

INC Ransom

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

APT38

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Chimera

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Blue Mockingbird

Score: 3.25

Matched TTPs:

T1199 - Trusted Relationship
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Higaisa

Score: 3.84

Matched TTPs:

T1567.002 - Exfiltration to Cloud Storage

MITREへのリンク →

ZIRCONIUM

Score: 3.44

Matched TTPs:

T1197 - BITS Jobs

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1130 - Install Root Certificate

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1160 - Launch Daemon

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Kimsuky

Score: 0.78

Matched TTPs:

T1654 - Log Enumeration
T1199 - Trusted Relationship
T1003.003 - NTDS
T1091 - Replication Through Removable Media
T1126 - Network Share Connection Removal
T1197 - BITS Jobs

MITREへのリンク →

Mustard Tempest

Score: 0.56

Matched TTPs:

T1543.002 - Systemd Service
T1091 - Replication Through Removable Media
T1682 - Query Public AI Services

MITREへのリンク →

Moonstone Sleet

Score: 0.56

Matched TTPs:

T1091 - Replication Through Removable Media
T1126 - Network Share Connection Removal
T1197 - BITS Jobs
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る