Trusted Design

Widespread GitHub Actions Tag Compromise Exposes CI/CD Secrets

概要

A new supply chain attack targeting Trivy has compromised 75 out of 76 version tags in the aquasecurity/trivy-action GitHub repository. The attacker force-pushed these tags to serve malicious payloads, effectively turning trusted version references into a distribution mechanism for an infostealer. The malicious code executes within GitHub Actions runners, targeting sensitive data in CI/CD environments. It harvests secrets from runner process memory and the filesystem, encrypts the collected data, and exfiltrates it to an attacker-controlled endpoint or a fallback GitHub-based channel. The attack's scope is significant, potentially affecting over 10,000 workflow files on GitHub referencing this action.

Created: 2026-03-20

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

HAFNIUM

Score: 17.43
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1213.002 - Sharepoint
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1593.003 - Code Repositories
  • T1083 - File and Directory Discovery
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

menuPass

Score: 10.57
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
MITREへのリンク →

Wizard Spider

Score: 17.54
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1518.002 - Backup Software Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1555.004 - Windows Credential Manager
MITREへのリンク →

APT33

Score: 9.13
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Fox Kitten

Score: 11.60
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
MITREへのリンク →

CopyKittens

Score: 4.75
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
MITREへのリンク →

Volt Typhoon

Score: 17.59
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1584.004 - Server
  • T1518 - Software Discovery
  • T1596.005 - Scan Databases
MITREへのリンク →

Mustang Panda

Score: 30.20
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1176.002 - IDE Extensions
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1608 - Stage Capabilities
  • T1041 - Exfiltration Over C2 Channel
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Play

Score: 13.12
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

Chimera

Score: 17.55
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1213.002 - Sharepoint
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1078 - Valid Accounts
  • T1110.004 - Credential Stuffing
  • T1589.001 - Credentials
MITREへのリンク →

Sea Turtle

Score: 17.07
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.002 - DNS Server
  • T1213.006 - Databases
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
MITREへのリンク →

APT39

Score: 7.76
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1078 - Valid Accounts
MITREへのリンク →

RedCurl

Score: 7.51
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
MITREへのリンク →

APT5

Score: 10.80
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
MITREへのリンク →

Agrius

Score: 11.61
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

GALLIUM

Score: 9.05
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1078 - Valid Accounts
MITREへのリンク →

APT41

Score: 37.42
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1595.003 - Wordlist Scanning
  • T1030 - Data Transfer Size Limits
  • T1213.003 - Code Repositories
  • T1596.005 - Scan Databases
  • T1008 - Fallback Channels
MITREへのリンク →

MuddyWater

Score: 24.99
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1027.004 - Compile After Delivery
  • T1518 - Software Discovery
MITREへのリンク →

APT28

Score: 28.72
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1213.002 - Sharepoint
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1030 - Data Transfer Size Limits
  • T1213 - Data from Information Repositories
MITREへのリンク →

Turla

Score: 18.96
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1555.004 - Windows Credential Manager
  • T1584.004 - Server
MITREへのリンク →

BRONZE BUTLER

Score: 11.12
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

UNC3886

Score: 23.99
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1681 - Search Threat Vendor Data
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
  • T1008 - Fallback Channels
MITREへのリンク →

Kimsuky

Score: 26.30
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

APT3

Score: 12.17
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1041 - Exfiltration Over C2 Channel
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

FIN8

Score: 7.45
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Ke3chang

Score: 19.58
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1213.002 - Sharepoint
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1078 - Valid Accounts
MITREへのリンク →

Lotus Blossom

Score: 9.89
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1560.003 - Archive via Custom Method
  • T1083 - File and Directory Discovery
  • T1134 - Access Token Manipulation
MITREへのリンク →

FIN13

Score: 17.89
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1134.003 - Make and Impersonate Token
MITREへのリンク →

Earth Lusca

Score: 10.21
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1218.005 - Mshta
  • T1584.004 - Server
MITREへのリンク →

Magic Hound

Score: 22.78
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1589.001 - Credentials
  • T1591.001 - Determine Physical Locations
MITREへのリンク →

Aquatic Panda

Score: 3.39
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

INC Ransom

Score: 8.63
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

Akira

Score: 14.98
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1213.002 - Sharepoint
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

ToddyCat

Score: 4.36
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
MITREへのリンク →

LAPSUS$

Score: 30.33
Matched TTPs:
  • T1213.002 - Sharepoint
  • T1598.004 - Spearphishing Voice
  • T1593.003 - Code Repositories
  • T1204 - User Execution
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1589.001 - Credentials
  • T1578.002 - Create Cloud Instance
  • T1213.003 - Code Repositories
MITREへのリンク →

Contagious Interview

Score: 28.38
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1681 - Search Threat Vendor Data
  • T1593.003 - Code Repositories
  • T1204.005 - Malicious Library
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

FIN6

Score: 15.94
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1213.006 - Databases
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1134 - Access Token Manipulation
MITREへのリンク →

Lazarus Group

Score: 25.47
Matched TTPs:
  • T1560.003 - Archive via Custom Method
  • T1587.001 - Malware
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
  • T1584.004 - Server
  • T1008 - Fallback Channels
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Daggerfly

Score: 8.35
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1195.002 - Compromise Software Supply Chain
  • T1584.004 - Server
MITREへのリンク →

APT29

Score: 29.72
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1218.005 - Mshta
  • T1021.007 - Cloud Services
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
  • T1027.006 - HTML Smuggling
MITREへのリンク →

Dragonfly

Score: 24.25
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1078 - Valid Accounts
  • T1187 - Forced Authentication
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1584.004 - Server
MITREへのリンク →

Threat Group-3390

Score: 21.55
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

Ember Bear

Score: 15.91
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Axiom

Score: 11.52
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

HEXANE

Score: 12.19
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1534 - Internal Spearphishing
  • T1518 - Software Discovery
MITREへのリンク →

Moonstone Sleet

Score: 11.80
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
MITREへのリンク →

Indrik Spider

Score: 13.01
Matched TTPs:
  • T1587.001 - Malware
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1584.004 - Server
MITREへのリンク →

OilRig

Score: 33.37
Matched TTPs:
  • T1587.001 - Malware
  • T1556.002 - Password Filter DLL
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1036 - Masquerading
  • T1552.001 - Credentials In Files
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
  • T1137.004 - Outlook Home Page
  • T1555.004 - Windows Credential Manager
  • T1008 - Fallback Channels
MITREへのリンク →

LuminousMoth

Score: 14.63
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target
  • T1041 - Exfiltration Over C2 Channel
  • T1030 - Data Transfer Size Limits
MITREへのリンク →

Sandworm Team

Score: 35.79
Matched TTPs:
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1592.002 - Software
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
  • T1584.004 - Server
MITREへのリンク →

Salt Typhoon

Score: 8.10
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1602.002 - Network Device Configuration Dump
MITREへのリンク →

Aoqin Dragon

Score: 7.07
Matched TTPs:
  • T1587.001 - Malware
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Moses Staff

Score: 3.57
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
MITREへのリンク →

TeamTNT

Score: 11.87
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

FIN7

Score: 21.86
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1195.002 - Compromise Software Supply Chain
  • T1008 - Fallback Channels
MITREへのリンク →

Scattered Spider

Score: 52.93
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1070.008 - Clear Mailbox Data
  • T1598.004 - Spearphishing Voice
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
  • T1021.007 - Cloud Services
  • T1204 - User Execution
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1556.009 - Conditional Access Policies
  • T1578.002 - Create Cloud Instance
  • T1213.003 - Code Repositories
  • T1538 - Cloud Service Dashboard
MITREへのリンク →

Storm-0501

Score: 15.92
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1021.007 - Cloud Services
  • T1486 - Data Encrypted for Impact
  • T1556.009 - Conditional Access Policies
MITREへのリンク →

Sidewinder

Score: 13.96
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Silent Librarian

Score: 7.73
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
  • T1078 - Valid Accounts
MITREへのリンク →

ZIRCONIUM

Score: 8.71
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1036 - Masquerading
  • T1041 - Exfiltration Over C2 Channel
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

APT32

Score: 15.82
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Star Blizzard

Score: 9.48
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.001 - Upload Malware
  • T1598.002 - Spearphishing Attachment
  • T1078 - Valid Accounts
MITREへのリンク →

CURIUM

Score: 4.43
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

Patchwork

Score: 5.25
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Strider

Score: 8.26
Matched TTPs:
  • T1556.002 - Password Filter DLL
  • T1564.005 - Hidden File System
MITREへのリンク →

TA2541

Score: 6.11
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

LazyScripter

Score: 6.50
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1036 - Masquerading
  • T1218.005 - Mshta
MITREへのリンク →

Gamaredon Group

Score: 16.63
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

SideCopy

Score: 10.68
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1518 - Software Discovery
MITREへのリンク →

TA505

Score: 8.63
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1552.001 - Credentials In Files
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

BlackByte

Score: 17.21
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1134.003 - Make and Impersonate Token
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

BITTER

Score: 5.56
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Saint Bear

Score: 5.26
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

EXOTIC LILY

Score: 3.47
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT42

Score: 6.11
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1070.008 - Clear Mailbox Data
MITREへのリンク →

Rocke

Score: 6.89
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

GOLD SOUTHFIELD

Score: 4.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1195.002 - Compromise Software Supply Chain
MITREへのリンク →

Medusa Group

Score: 16.09
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1608.002 - Upload Tool
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Blue Mockingbird

Score: 5.31
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1134 - Access Token Manipulation
MITREへのリンク →

Winter Vivern

Score: 6.93
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1036 - Masquerading
  • T1083 - File and Directory Discovery
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

Leviathan

Score: 16.26
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1589.001 - Credentials
  • T1203 - Exploitation for Client Execution
  • T1584.004 - Server
MITREへのリンク →

Volatile Cedar

Score: 5.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning
MITREへのリンク →

Windshift

Score: 4.93
Matched TTPs:
  • T1036 - Masquerading
  • T1518 - Software Discovery
MITREへのリンク →

Storm-1811

Score: 4.53
Matched TTPs:
  • T1036 - Masquerading
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

TA551

Score: 4.53
Matched TTPs:
  • T1036 - Masquerading
  • T1218.005 - Mshta
MITREへのリンク →

PLATINUM

Score: 8.82
Matched TTPs:
  • T1036 - Masquerading
  • T1068 - Exploitation for Privilege Escalation
  • T1056.004 - Credential API Hooking
MITREへのリンク →

Cobalt Group

Score: 10.65
Matched TTPs:
  • T1218.003 - CMSTP
  • T1068 - Exploitation for Privilege Escalation
  • T1195.002 - Compromise Software Supply Chain
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Deep Panda

Score: 3.29
Matched TTPs:
  • T1546.008 - Accessibility Features
MITREへのリンク →

APT38

Score: 11.40
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Inception

Score: 7.88
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Velvet Ant

Score: 3.10
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Tropic Trooper

Score: 5.54
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1203 - Exploitation for Client Execution
  • T1518 - Software Discovery
MITREへのリンク →

Confucius

Score: 7.11
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Windigo

Score: 4.05
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1518 - Software Discovery
MITREへのリンク →

Leafminer

Score: 3.82
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1552.001 - Credentials In Files
MITREへのリンク →

Higaisa

Score: 3.47
Matched TTPs:
  • T1041 - Exfiltration Over C2 Channel
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

Stealth Falcon

Score: 5.59
Matched TTPs:
  • T1041 - Exfiltration Over C2 Channel
  • T1555.004 - Windows Credential Manager
MITREへのリンク →

Tonto Team

Score: 3.59
Matched TTPs:
  • T1068 - Exploitation for Privilege Escalation
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

DarkHydrus

Score: 4.13
Matched TTPs:
  • T1187 - Forced Authentication
MITREへのリンク →

Andariel

Score: 5.34
Matched TTPs:
  • T1592.002 - Software
  • T1203 - Exploitation for Client Execution
MITREへのリンク →

APT37

Score: 5.12
Matched TTPs:
  • T1203 - Exploitation for Client Execution
  • T1529 - System Shutdown/Reboot
MITREへのリンク →

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Scattered Spider

Score: 0.70
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1556.009 - Conditional Access Policies
  • T1204 - User Execution
  • T1486 - Data Encrypted for Impact
  • T1598.003 - Spearphishing Link
  • T1538 - Cloud Service Dashboard
  • T1068 - Exploitation for Privilege Escalation
  • T1578.002 - Create Cloud Instance
  • T1552.001 - Credentials In Files
  • T1041 - Exfiltration Over C2 Channel
  • T1083 - File and Directory Discovery
  • T1070.008 - Clear Mailbox Data
  • T1078 - Valid Accounts
  • T1598.004 - Spearphishing Voice
  • T1021.007 - Cloud Services
  • T1562.001 - Disable or Modify Tools
  • T1213.003 - Code Repositories
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る