Trusted Design

North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack

概要

Google Threat Intelligence Group (GTIG) is tracking an active software supply chain attack targeting the popular Node Package Manager (NPM) package "axios." Between March 31, 2026, 00:21 and 03:20 UTC, an attacker introduced a malicious dependency named "plain-crypto-js" into axios NPM releases versions 1.14.1 and 0.30.4. Axios is the most popular JavaScript library used to simplify HTTP requests, and these packages typically have over 100 million and 83 million weekly downloads, respectively. This malicious dependency is an obfuscated dropper that deploys the WAVESHAPER.V2 backdoor across Windows, macOS, and Linux.

Created: 2026-04-04

Indicators

類似Pulses

類似するPulseは見つかりませんでした。

このPulseに関連する脅威アクター (事実ベース)

HAFNIUM

Score: 14.36
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

menuPass

Score: 15.17
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Wizard Spider

Score: 26.32
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1518.002 - Backup Software Discovery
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
MITREへのリンク →

APT33

Score: 4.56
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

Fox Kitten

Score: 12.75
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1110 - Brute Force
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Volt Typhoon

Score: 17.29
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1010 - Application Window Discovery
  • T1589 - Gather Victim Identity Information
  • T1016 - System Network Configuration Discovery
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

APT1

Score: 6.68
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1550.002 - Pass the Hash
MITREへのリンク →

Mustang Panda

Score: 22.79
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1052.001 - Exfiltration over USB
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Play

Score: 9.97
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
MITREへのリンク →

Chimera

Score: 16.81
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
MITREへのリンク →

Sea Turtle

Score: 18.69
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1583.002 - DNS Server
  • T1213.006 - Databases
  • T1190 - Exploit Public-Facing Application
  • T1608.003 - Install Digital Certificate
  • T1027.004 - Compile After Delivery
MITREへのリンク →

APT39

Score: 15.12
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1110 - Brute Force
  • T1018 - Remote System Discovery
  • T1569.002 - Service Execution
MITREへのリンク →

RedCurl

Score: 4.56
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
MITREへのリンク →

APT5

Score: 11.96
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
MITREへのリンク →

Agrius

Score: 13.49
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
MITREへのリンク →

GALLIUM

Score: 16.67
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
MITREへのリンク →

APT41

Score: 46.11
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1071.002 - File Transfer Protocols
  • T1110 - Brute Force
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1480.001 - Environmental Keying
MITREへのリンク →

MuddyWater

Score: 22.31
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1027.003 - Steganography
  • T1027.004 - Compile After Delivery
MITREへのリンク →

APT28

Score: 22.41
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1110 - Brute Force
  • T1068 - Exploitation for Privilege Escalation
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1550.002 - Pass the Hash
  • T1003.003 - NTDS
MITREへのリンク →

Turla

Score: 20.96
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1055 - Process Injection
  • T1016 - System Network Configuration Discovery
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
MITREへのリンク →

BRONZE BUTLER

Score: 14.45
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1550.003 - Pass the Ticket
  • T1562.001 - Disable or Modify Tools
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
MITREへのリンク →

UNC3886

Score: 15.53
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1205.001 - Port Knocking
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

Kimsuky

Score: 40.81
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1071.002 - File Transfer Protocols
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1550.002 - Pass the Hash
  • T1588.005 - Exploits
MITREへのリンク →

APT3

Score: 9.86
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016 - System Network Configuration Discovery
  • T1546.008 - Accessibility Features
  • T1041 - Exfiltration Over C2 Channel
  • T1018 - Remote System Discovery
MITREへのリンク →

FIN8

Score: 12.98
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1566.001 - Spearphishing Attachment
  • T1055.004 - Asynchronous Procedure Call
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
MITREへのリンク →

Ke3chang

Score: 24.07
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
MITREへのリンク →

Lotus Blossom

Score: 4.61
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1016 - System Network Configuration Discovery
  • T1018 - Remote System Discovery
MITREへのリンク →

FIN13

Score: 21.37
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1016 - System Network Configuration Discovery
  • T1134.003 - Make and Impersonate Token
  • T1550.002 - Pass the Hash
  • T1003.003 - NTDS
MITREへのリンク →

Earth Lusca

Score: 15.19
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
MITREへのリンク →

Magic Hound

Score: 22.23
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Aquatic Panda

Score: 6.14
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1562.001 - Disable or Modify Tools
  • T1550.002 - Pass the Hash
MITREへのリンク →

INC Ransom

Score: 9.60
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1569.002 - Service Execution
MITREへのリンク →

Akira

Score: 11.81
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
MITREへのリンク →

ToddyCat

Score: 9.47
Matched TTPs:
  • T1560.001 - Archive via Utility
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Contagious Interview

Score: 26.21
Matched TTPs:
  • T1588.007 - Artificial Intelligence
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1204.005 - Malicious Library
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Mustard Tempest

Score: 8.28
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise
MITREへのリンク →

Daggerfly

Score: 7.64
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
MITREへのリンク →

APT29

Score: 29.79
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1550.003 - Pass the Ticket
  • T1218.005 - Mshta
  • T1068 - Exploitation for Privilege Escalation
  • T1027.006 - HTML Smuggling
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dragonfly

Score: 26.62
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1598.002 - Spearphishing Attachment
  • T1071.002 - File Transfer Protocols
  • T1110 - Brute Force
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Threat Group-3390

Score: 17.91
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1560.002 - Archive via Library
  • T1016 - System Network Configuration Discovery
  • T1068 - Exploitation for Privilege Escalation
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
MITREへのリンク →

Ember Bear

Score: 23.39
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1588.005 - Exploits
MITREへのリンク →

Axiom

Score: 10.37
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1189 - Drive-by Compromise
MITREへのリンク →

HEXANE

Score: 21.75
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1589 - Gather Victim Identity Information
  • T1016 - System Network Configuration Discovery
  • T1534 - Internal Spearphishing
  • T1110 - Brute Force
  • T1018 - Remote System Discovery
MITREへのリンク →

LazyScripter

Score: 7.93
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
MITREへのリンク →

Cobalt Group

Score: 12.31
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1218.003 - CMSTP
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

OilRig

Score: 31.16
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1556.002 - Password Filter DLL
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1110 - Brute Force
  • T1068 - Exploitation for Privilege Escalation
  • T1137.004 - Outlook Home Page
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Tropic Trooper

Score: 12.26
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1052.001 - Exfiltration over USB
  • T1027.003 - Steganography
MITREへのリンク →

FIN7

Score: 22.42
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1486 - Data Encrypted for Impact
  • T1569.002 - Service Execution
MITREへのリンク →

Moonstone Sleet

Score: 16.13
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1486 - Data Encrypted for Impact
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Indrik Spider

Score: 7.78
Matched TTPs:
  • T1587.001 - Malware
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
MITREへのリンク →

Lazarus Group

Score: 28.44
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1560.002 - Archive via Library
  • T1010 - Application Window Discovery
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

LuminousMoth

Score: 9.89
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1608.005 - Link Target
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

Sandworm Team

Score: 29.07
Matched TTPs:
  • T1587.001 - Malware
  • T1213.006 - Databases
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1195 - Supply Chain Compromise
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1486 - Data Encrypted for Impact
  • T1499 - Endpoint Denial of Service
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Salt Typhoon

Score: 5.91
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
MITREへのリンク →

Moses Staff

Score: 7.38
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
MITREへのリンク →

TeamTNT

Score: 14.21
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1610 - Deploy Container
  • T1016 - System Network Configuration Discovery
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Scattered Spider

Score: 31.06
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
MITREへのリンク →

Storm-0501

Score: 10.47
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1110 - Brute Force
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

FIN6

Score: 17.19
Matched TTPs:
  • T1213.006 - Databases
  • T1566.001 - Spearphishing Attachment
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Sidewinder

Score: 10.77
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

Silent Librarian

Score: 6.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1608.005 - Link Target
MITREへのリンク →

ZIRCONIUM

Score: 12.13
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
  • T1068 - Exploitation for Privilege Escalation
  • T1665 - Hide Infrastructure
MITREへのリンク →

APT32

Score: 34.15
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1589 - Gather Victim Identity Information
  • T1016 - System Network Configuration Discovery
  • T1550.003 - Pass the Ticket
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1068 - Exploitation for Privilege Escalation
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1569.002 - Service Execution
MITREへのリンク →

Star Blizzard

Score: 11.86
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

CURIUM

Score: 9.59
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1041 - Exfiltration Over C2 Channel
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Patchwork

Score: 5.10
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
MITREへのリンク →

Saint Bear

Score: 4.64
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

Windshift

Score: 5.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Gamaredon Group

Score: 18.66
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
MITREへのリンク →

Darkhotel

Score: 4.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1189 - Drive-by Compromise
MITREへのリンク →

BITTER

Score: 4.94
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1068 - Exploitation for Privilege Escalation
MITREへのリンク →

Inception

Score: 3.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
MITREへのリンク →

EXOTIC LILY

Score: 9.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Ajax Security Team

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

TA551

Score: 6.25
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1027.003 - Steganography
MITREへのリンク →

Winter Vivern

Score: 6.08
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1189 - Drive-by Compromise
MITREへのリンク →

Higaisa

Score: 4.32
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

Confucius

Score: 5.19
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

Leviathan

Score: 12.74
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1041 - Exfiltration Over C2 Channel
  • T1534 - Internal Spearphishing
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
MITREへのリンク →

Naikon

Score: 3.89
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1018 - Remote System Discovery
MITREへのリンク →

APT19

Score: 4.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1016 - System Network Configuration Discovery
  • T1189 - Drive-by Compromise
MITREへのリンク →

SideCopy

Score: 10.28
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
MITREへのリンク →

Andariel

Score: 5.67
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
MITREへのリンク →

TA2541

Score: 9.44
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
MITREへのリンク →

TA505

Score: 6.99
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
MITREへのリンク →

APT37

Score: 8.13
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1027.003 - Steganography
  • T1189 - Drive-by Compromise
MITREへのリンク →

Silence

Score: 7.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1018 - Remote System Discovery
  • T1569.002 - Service Execution
MITREへのリンク →

APT38

Score: 26.66
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1110 - Brute Force
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1036.003 - Rename Legitimate Utilities
  • T1565.002 - Transmitted Data Manipulation
  • T1189 - Drive-by Compromise
  • T1569.002 - Service Execution
MITREへのリンク →

PLATINUM

Score: 7.19
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1068 - Exploitation for Privilege Escalation
  • T1189 - Drive-by Compromise
MITREへのリンク →

Strider

Score: 8.26
Matched TTPs:
  • T1556.002 - Password Filter DLL
  • T1564.005 - Hidden File System
MITREへのリンク →

BlackByte

Score: 25.99
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1134.003 - Make and Impersonate Token
  • T1041 - Exfiltration Over C2 Channel
  • T1562.001 - Disable or Modify Tools
  • T1068 - Exploitation for Privilege Escalation
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
  • T1569.002 - Service Execution
MITREへのリンク →

APT42

Score: 3.44
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1016 - System Network Configuration Discovery
MITREへのリンク →

Rocke

Score: 10.77
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1018 - Remote System Discovery
MITREへのリンク →

Medusa Group

Score: 20.24
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1016 - System Network Configuration Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1569.002 - Service Execution
MITREへのリンク →

Blue Mockingbird

Score: 3.87
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1569.002 - Service Execution
MITREへのリンク →

Volatile Cedar

Score: 5.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning
MITREへのリンク →

Velvet Ant

Score: 8.99
Matched TTPs:
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1569.002 - Service Execution
MITREへのリンク →

LAPSUS$

Score: 15.34
Matched TTPs:
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1068 - Exploitation for Privilege Escalation
  • T1213.003 - Code Repositories
  • T1003.003 - NTDS
MITREへのリンク →

Stealth Falcon

Score: 3.44
Matched TTPs:
  • T1016 - System Network Configuration Discovery
  • T1041 - Exfiltration Over C2 Channel
MITREへのリンク →

Deep Panda

Score: 4.83
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery
MITREへのリンク →

Equation

Score: 12.80
Matched TTPs:
  • T1542.002 - Component Firmware
  • T1564.005 - Hidden File System
  • T1480.001 - Environmental Keying
MITREへのリンク →

PROMETHIUM

Score: 5.90
Matched TTPs:
  • T1205.001 - Port Knocking
  • T1189 - Drive-by Compromise
MITREへのリンク →

SilverTerrier

Score: 3.62
Matched TTPs:
  • T1071.002 - File Transfer Protocols
MITREへのリンク →

DarkVishnya

Score: 7.06
Matched TTPs:
  • T1110 - Brute Force
  • T1200 - Hardware Additions
MITREへのリンク →

FIN5

Score: 4.07
Matched TTPs:
  • T1110 - Brute Force
  • T1018 - Remote System Discovery
MITREへのリンク →

Storm-1811

Score: 4.86
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Dark Caracal

Score: 4.29
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service
MITREへのリンク →

Leafminer

Score: 3.31
Matched TTPs:
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

APT41

Score: 0.70
Matched TTPs:
  • T1071.002 - File Transfer Protocols
  • T1569.002 - Service Execution
  • T1566.001 - Spearphishing Attachment
  • T1071.004 - DNS
  • T1016 - System Network Configuration Discovery
  • T1560.001 - Archive via Utility
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1003.003 - NTDS
  • T1190 - Exploit Public-Facing Application
  • T1480.001 - Environmental Keying
  • T1595.003 - Wordlist Scanning
  • T1055 - Process Injection
  • T1213.003 - Code Repositories
  • T1110 - Brute Force
  • T1546.008 - Accessibility Features
  • T1003.002 - Security Account Manager
MITREへのリンク →

Kimsuky

Score: 0.62
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools
  • T1218.005 - Mshta
  • T1071.002 - File Transfer Protocols
  • T1566.001 - Spearphishing Attachment
  • T1534 - Internal Spearphishing
  • T1041 - Exfiltration Over C2 Channel
  • T1016 - System Network Configuration Discovery
  • T1560.001 - Archive via Utility
  • T1550.002 - Pass the Hash
  • T1190 - Exploit Public-Facing Application
  • T1588.005 - Exploits
  • T1562.004 - Disable or Modify System Firewall
  • T1598.003 - Spearphishing Link
  • T1055 - Process Injection
  • T1593.001 - Social Media
  • T1587.001 - Malware
MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

← Pulse一覧に戻る