Trusted Design

Quiz sites trick users into enabling unwanted browser notifications

Summary

Users are being tricked into enabling unwanted browser notifications through quiz websites. These sites challenge visitors with quizzes on various topics, but their main goal is to get users to click the 'Start the quiz' button. This action triggers a misleading prompt that tricks users into allowing notifications. Once enabled, these notifications can display advertisements, scams, or unwanted downloads even when the user is not on the original website. The article provides instructions on how to remove and block web push notifications across different browsers, including Chrome, Firefox, Opera, Edge, and Safari. It also lists several domains associated with this deceptive campaign.

Created: 2026-03-10

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

Mustang Panda

Score: 27.83
Matched TTPs:
  • T1037 - Boot or Logon Initialization Scripts
  • T1596.001 - DNS/Passive DNS
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32

Kimsuky

Score: 43.96
Matched TTPs:
  • T1037 - Boot or Logon Initialization Scripts
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1213.006 - Databases
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1041 - Exfiltration Over C2 Channel
  • T1055.014 - VDSO Hijacking
  • T1597 - Search Closed Sources
  • T1027.014 - Polymorphic Code
  • T1003.003 - NTDS

Sea Turtle

Score: 17.67
Matched TTPs:
  • T1037 - Boot or Logon Initialization Scripts
  • T1596.001 - DNS/Passive DNS
  • T1157 - Dylib Hijacking
  • T1218.010 - Regsvr32
  • T1137.004 - Outlook Home Page
  • T1059.013 - Container CLI/API

Contagious Interview

Score: 16.48
Matched TTPs:
  • T1044 - File System Permissions Weakness
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources

Daggerfly

Score: 4.36
Matched TTPs:
  • T1584.008 - Network Devices
  • T1059.012 - Hypervisor CLI

GALLIUM

Score: 7.72
Matched TTPs:
  • T1584.008 - Network Devices
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1157 - Dylib Hijacking

APT29

Score: 25.33
Matched TTPs:
  • T1584.008 - Network Devices
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1024 - Custom Cryptographic Protocol
  • T1177 - LSASS Driver
  • T1568 - Dynamic Resolution
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32

FIN13

Score: 7.72
Matched TTPs:
  • T1584.008 - Network Devices
  • T1606.002 - SAML Tokens
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call

Dragonfly

Score: 18.48
Matched TTPs:
  • T1584.008 - Network Devices
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1219.001 - IDE Tunneling
  • T1041 - Exfiltration Over C2 Channel
  • T1157 - Dylib Hijacking
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Ke3chang

Score: 14.96
Matched TTPs:
  • T1584.008 - Network Devices
  • T1606.002 - SAML Tokens
  • T1027.008 - Stripped Payloads
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1157 - Dylib Hijacking

Agrius

Score: 6.36
Matched TTPs:
  • T1584.008 - Network Devices
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources

APT41

Score: 39.24
Matched TTPs:
  • T1584.008 - Network Devices
  • T1071.004 - DNS
  • T1562.012 - Disable or Modify Linux Audit System
  • T1177 - LSASS Driver
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1041 - Exfiltration Over C2 Channel
  • T1048 - Exfiltration Over Alternative Protocol
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1002 - Data Compressed
  • T1564.003 - Hidden Window
  • T1574.002 - DLL Side-Loading

APT5

Score: 9.47
Matched TTPs:
  • T1584.008 - Network Devices
  • T1027.008 - Stripped Payloads
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call

menuPass

Score: 7.84
Matched TTPs:
  • T1584.008 - Network Devices
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking

Threat Group-3390

Score: 16.90
Matched TTPs:
  • T1584.008 - Network Devices
  • T1087.002 - Domain Account
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Wizard Spider

Score: 13.11
Matched TTPs:
  • T1584.008 - Network Devices
  • T1087.002 - Domain Account
  • T1038 - DLL Search Order Hijacking
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking

Ember Bear

Score: 10.02
Matched TTPs:
  • T1584.008 - Network Devices
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1003.003 - NTDS

Silent Librarian

Score: 10.88
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1566.002 - Spearphishing Link
  • T1584.005 - Botnet
  • T1157 - Dylib Hijacking

Lazarus Group

Score: 25.72
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1071.004 - DNS
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

UNC3886

Score: 17.20
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1606.002 - SAML Tokens
  • T1219.001 - IDE Tunneling
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1488 - Disk Content Wipe
  • T1218.010 - Regsvr32

LuminousMoth

Score: 17.37
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1606.002 - SAML Tokens
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1584.005 - Botnet
  • T1087.004 - Cloud Account

BlackTech

Score: 5.43
Matched TTPs:
  • T1596.001 - DNS/Passive DNS
  • T1087.002 - Domain Account
  • T1218.010 - Regsvr32

APT28

Score: 19.85
Matched TTPs:
  • T1071.004 - DNS
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Moonstone Sleet

Score: 9.66
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1027 - Obfuscated Files or Information

Indrik Spider

Score: 8.45
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information

OilRig

Score: 24.30
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1562.012 - Disable or Modify Linux Audit System
  • T1055.004 - Asynchronous Procedure Call
  • T1048 - Exfiltration Over Alternative Protocol
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32
  • T1592.002 - Software

Sandworm Team

Score: 28.30
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1484.002 - Trust Modification
  • T1566.002 - Spearphishing Link
  • T1091 - Replication Through Removable Media
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information
  • T1218.010 - Regsvr32
  • T1075 - Pass the Hash

Play

Score: 6.62
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1219.001 - IDE Tunneling
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking

Aoqin Dragon

Score: 5.68
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1218.010 - Regsvr32

RedCurl

Score: 6.24
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling

Turla

Score: 16.42
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.001 - Compiled HTML File
  • T1039 - Data from Network Shared Drive
  • T1059.012 - Hypervisor CLI

TeamTNT

Score: 8.90
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1597 - Search Closed Sources

FIN7

Score: 19.85
Matched TTPs:
  • T1606.002 - SAML Tokens
  • T1087.002 - Domain Account
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1218.012 - Verclsid
  • T1584.005 - Botnet
  • T1608.005 - Link Target
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information

Elderwood

Score: 4.05
Matched TTPs:
  • T1087.002 - Domain Account
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Transparent Tribe

Score: 7.08
Matched TTPs:
  • T1087.002 - Domain Account
  • T1115 - Clipboard Data
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

WIRTE

Score: 3.53
Matched TTPs:
  • T1087.002 - Domain Account
  • T1027.014 - Polymorphic Code

CURIUM

Score: 13.64
Matched TTPs:
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI

Tropic Trooper

Score: 5.32
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.010 - Regsvr32

Dark Caracal

Score: 7.29
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1048 - Exfiltration Over Alternative Protocol
  • T1059.012 - Hypervisor CLI

PLATINUM

Score: 9.19
Matched TTPs:
  • T1087.002 - Domain Account
  • T1039 - Data from Network Shared Drive
  • T1059.012 - Hypervisor CLI
  • T1686 - Disable or Modify System Firewall

TA551

Score: 5.88
Matched TTPs:
  • T1087.002 - Domain Account
  • T1218.012 - Verclsid
  • T1027.014 - Polymorphic Code

HEXANE

Score: 12.84
Matched TTPs:
  • T1087.002 - Domain Account
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1562.012 - Disable or Modify Linux Audit System
  • T1055.004 - Asynchronous Procedure Call
  • T1055.014 - VDSO Hijacking

FIN8

Score: 6.65
Matched TTPs:
  • T1087.002 - Domain Account
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information

BITTER

Score: 6.35
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32

APT37

Score: 6.10
Matched TTPs:
  • T1087.002 - Domain Account
  • T1562.012 - Disable or Modify Linux Audit System
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

LazyScripter

Score: 7.11
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1218.012 - Verclsid
  • T1608.005 - Link Target

TA505

Score: 8.95
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1562.012 - Disable or Modify Linux Audit System
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information

APT39

Score: 5.49
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1087.004 - Cloud Account
  • T1157 - Dylib Hijacking

Star Blizzard

Score: 9.31
Matched TTPs:
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1091 - Replication Through Removable Media
  • T1157 - Dylib Hijacking

Higaisa

Score: 4.25
Matched TTPs:
  • T1087.002 - Domain Account
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32

Magic Hound

Score: 16.86
Matched TTPs:
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1024 - Custom Cryptographic Protocol
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1059.012 - Hypervisor CLI

Cobalt Group

Score: 11.26
Matched TTPs:
  • T1087.002 - Domain Account
  • T1518.002 - Backup Software Discovery
  • T1039 - Data from Network Shared Drive
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32

Storm-1811

Score: 3.13
Matched TTPs:
  • T1087.002 - Domain Account
  • T1027 - Obfuscated Files or Information

Inception

Score: 10.72
Matched TTPs:
  • T1087.002 - Domain Account
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32

EXOTIC LILY

Score: 4.25
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1218.010 - Regsvr32

Saint Bear

Score: 8.06
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32

FIN6

Score: 8.16
Matched TTPs:
  • T1087.002 - Domain Account
  • T1562.012 - Disable or Modify Linux Audit System
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive

Patchwork

Score: 9.86
Matched TTPs:
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

APT19

Score: 5.30
Matched TTPs:
  • T1087.002 - Domain Account
  • T1027.014 - Polymorphic Code
  • T1059.012 - Hypervisor CLI

TA2541

Score: 8.91
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources

Earth Lusca

Score: 14.24
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI

SideCopy

Score: 5.10
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1218.012 - Verclsid

Leviathan

Score: 24.46
Matched TTPs:
  • T1087.002 - Domain Account
  • T1484.002 - Trust Modification
  • T1024 - Custom Cryptographic Protocol
  • T1087.004 - Cloud Account
  • T1055.014 - VDSO Hijacking
  • T1157 - Dylib Hijacking
  • T1027.014 - Polymorphic Code
  • T1488 - Disk Content Wipe
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Tonto Team

Score: 4.38
Matched TTPs:
  • T1087.002 - Domain Account
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32

Andariel

Score: 5.78
Matched TTPs:
  • T1087.002 - Domain Account
  • T1055.004 - Asynchronous Procedure Call
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

BRONZE BUTLER

Score: 7.14
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

APT38

Score: 15.51
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1048 - Exfiltration Over Alternative Protocol
  • T1597 - Search Closed Sources
  • T1027 - Obfuscated Files or Information
  • T1059.012 - Hypervisor CLI

MuddyWater

Score: 23.25
Matched TTPs:
  • T1087.002 - Domain Account
  • T1518.002 - Backup Software Discovery
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1218.010 - Regsvr32
  • T1059.013 - Container CLI/API

admin@338

Score: 5.32
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.010 - Regsvr32

Gamaredon Group

Score: 19.43
Matched TTPs:
  • T1087.002 - Domain Account
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1055.014 - VDSO Hijacking
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API

Darkhotel

Score: 5.35
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

APT32

Score: 25.71
Matched TTPs:
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1039 - Data from Network Shared Drive
  • T1027.014 - Polymorphic Code
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

IndigoZebra

Score: 5.47
Matched TTPs:
  • T1087.002 - Domain Account
  • T1024 - Custom Cryptographic Protocol
  • T1608.005 - Link Target

APT33

Score: 7.86
Matched TTPs:
  • T1087.002 - Domain Account
  • T1562.012 - Disable or Modify Linux Audit System
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1218.010 - Regsvr32

Silence

Score: 5.65
Matched TTPs:
  • T1087.002 - Domain Account
  • T1048 - Exfiltration Over Alternative Protocol
  • T1157 - Dylib Hijacking

Sidewinder

Score: 8.38
Matched TTPs:
  • T1087.002 - Domain Account
  • T1566.002 - Spearphishing Link
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1218.010 - Regsvr32

Confucius

Score: 9.91
Matched TTPs:
  • T1087.002 - Domain Account
  • T1219.001 - IDE Tunneling
  • T1218.012 - Verclsid
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32

Scattered Spider

Score: 42.84
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1566.002 - Spearphishing Link
  • T1583.001 - Domains
  • T1019 - System Firmware
  • T1219.001 - IDE Tunneling
  • T1619 - Cloud Storage Object Discovery
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1027.005 - Indicator Removal from Tools
  • T1027 - Obfuscated Files or Information
  • T1564.003 - Hidden Window
  • T1027.002 - Software Packing

Storm-0501

Score: 9.22
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1027 - Obfuscated Files or Information
  • T1027.014 - Polymorphic Code

ZIRCONIUM

Score: 10.59
Matched TTPs:
  • T1566.002 - Spearphishing Link
  • T1562.012 - Disable or Modify Linux Audit System
  • T1608.005 - Link Target
  • T1087.004 - Cloud Account
  • T1039 - Data from Network Shared Drive

HAFNIUM

Score: 9.25
Matched TTPs:
  • T1027.008 - Stripped Payloads
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1039 - Data from Network Shared Drive

Mustard Tempest

Score: 6.77
Matched TTPs:
  • T1115 - Clipboard Data
  • T1091 - Replication Through Removable Media
  • T1059.012 - Hypervisor CLI

LAPSUS$

Score: 24.48
Matched TTPs:
  • T1024 - Custom Cryptographic Protocol
  • T1562.012 - Disable or Modify Linux Audit System
  • T1019 - System Firmware
  • T1619 - Cloud Storage Object Discovery
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1137.004 - Outlook Home Page
  • T1564.003 - Hidden Window

BlackByte

Score: 11.60
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1087.004 - Cloud Account
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1027 - Obfuscated Files or Information

APT42

Score: 8.16
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1583.001 - Domains
  • T1562.012 - Disable or Modify Linux Audit System

Akira

Score: 10.10
Matched TTPs:
  • T1137.005 - Outlook Rules
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information

APT3

Score: 11.84
Matched TTPs:
  • T1562.012 - Disable or Modify Linux Audit System
  • T1177 - LSASS Driver
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1218.010 - Regsvr32

Stealth Falcon

Score: 4.03
Matched TTPs:
  • T1562.012 - Disable or Modify Linux Audit System
  • T1087.004 - Cloud Account

Leafminer

Score: 5.12
Matched TTPs:
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1059.012 - Hypervisor CLI

Volt Typhoon

Score: 16.58
Matched TTPs:
  • T1562.012 - Disable or Modify Linux Audit System
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1157 - Dylib Hijacking
  • T1039 - Data from Network Shared Drive
  • T1488 - Disk Content Wipe
  • T1574.002 - DLL Side-Loading

Deep Panda

Score: 6.03
Matched TTPs:
  • T1177 - LSASS Driver
  • T1027.014 - Polymorphic Code

Axiom

Score: 7.97
Matched TTPs:
  • T1177 - LSASS Driver
  • T1157 - Dylib Hijacking
  • T1218.010 - Regsvr32
  • T1059.012 - Hypervisor CLI

Fox Kitten

Score: 6.01
Matched TTPs:
  • T1177 - LSASS Driver
  • T1219.001 - IDE Tunneling
  • T1157 - Dylib Hijacking

Medusa Group

Score: 8.87
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1608.005 - Link Target
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information

Velvet Ant

Score: 4.83
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1597 - Search Closed Sources

Chimera

Score: 10.97
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call
  • T1087.004 - Cloud Account
  • T1157 - Dylib Hijacking
  • T1574 - Hijack Execution Flow

Lotus Blossom

Score: 3.03
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call

ToddyCat

Score: 3.03
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1055.004 - Asynchronous Procedure Call

Winter Vivern

Score: 8.66
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1087.004 - Cloud Account
  • T1218.001 - Compiled HTML File
  • T1059.012 - Hypervisor CLI

Windigo

Score: 3.06
Matched TTPs:
  • T1219.001 - IDE Tunneling
  • T1059.012 - Hypervisor CLI

INC Ransom

Score: 7.30
Matched TTPs:
  • T1055.004 - Asynchronous Procedure Call
  • T1597 - Search Closed Sources
  • T1157 - Dylib Hijacking
  • T1027 - Obfuscated Files or Information

POLONIUM

Score: 3.44
Matched TTPs:
  • T1608.005 - Link Target
  • T1157 - Dylib Hijacking

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1041 - Exfiltration Over C2 Channel

Rocke

Score: 5.42
Matched TTPs:
  • T1597 - Search Closed Sources
  • T1059.013 - Container CLI/API

Volatile Cedar

Score: 4.13
Matched TTPs:
  • T1002 - Data Compressed

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1091 - Replication Through Removable Media
  • T1037 - Boot or Logon Initialization Scripts
  • T1087.002 - Domain Account
  • T1218.012 - Verclsid
  • T1087.004 - Cloud Account
  • T1608.005 - Link Target
  • T1055.014 - VDSO Hijacking
  • T1213.006 - Databases
  • T1219.001 - IDE Tunneling
  • T1606.002 - SAML Tokens
  • T1562.012 - Disable or Modify Linux Audit System
  • T1041 - Exfiltration Over C2 Channel
  • T1024 - Custom Cryptographic Protocol
  • T1597 - Search Closed Sources
  • T1027.014 - Polymorphic Code
  • T1003.003 - NTDS
  • T1566.002 - Spearphishing Link

Scattered Spider

Score: 0.68
Matched TTPs:
  • T1685.004 - Disable or Modify Linux Audit System Log
  • T1087.004 - Cloud Account
  • T1027 - Obfuscated Files or Information
  • T1019 - System Firmware
  • T1027.002 - Software Packing
  • T1219.001 - IDE Tunneling
  • T1619 - Cloud Storage Object Discovery
  • T1597 - Search Closed Sources
  • T1564.003 - Hidden Window
  • T1583.001 - Domains
  • T1039 - Data from Network Shared Drive
  • T1027.005 - Indicator Removal from Tools
  • T1566.002 - Spearphishing Link
  • T1157 - Dylib Hijacking

APT41

Score: 0.62
Matched TTPs:
  • T1055.004 - Asynchronous Procedure Call
  • T1002 - Data Compressed
  • T1177 - LSASS Driver
  • T1218.010 - Regsvr32
  • T1027 - Obfuscated Files or Information
  • T1219.001 - IDE Tunneling
  • T1584.008 - Network Devices
  • T1562.012 - Disable or Modify Linux Audit System
  • T1041 - Exfiltration Over C2 Channel
  • T1564.003 - Hidden Window
  • T1048 - Exfiltration Over Alternative Protocol
  • T1574.002 - DLL Side-Loading
  • T1157 - Dylib Hijacking
  • T1071.004 - DNS

Related CVEs

No CVEs were found for this Pulse.
