Multiple Chinese APT Groups Quickly Use Flash Zero-Day
Summary
The FireEye as a Service team detected independent phishing campaigns conducted by two Chinese advanced persistent threat (APT) groups that we track, APT3 and APT18. Each threat group quickly took advantage of a zero-day vulnerability (CVE-2015-5119), which was leaked in the disclosure of Hacking Team’s internal data. Adobe released a patch for the vulnerability on July 8, 2015. Before that patch was released, the groups launched phishing campaigns against multiple companies in the aerospace and defense, construction and engineering, education, energy, health and biotechnology, high tech, non-profit, telecommunications, and transportation industries.
Created: 2026-02-23
Threat actors related to this Pulse (fact-based)
Score: 8.26
Matched TTPs:
- T1491.002 - External Defacement
- T1588.005 - Exploits
Score: 16.38
Matched TTPs:
- T1491.002 - External Defacement
- T1587.001 - Malware
- T1588.006 - Vulnerabilities
- T1598.003 - Spearphishing Link
- T1591.002 - Business Relationships
Score: 20.71
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
- T1588.005 - Exploits
- T1102.001 - Dead Drop Resolver
Score: 5.02
Matched TTPs:
- T1587.001 - Malware
- T1090.001 - Internal Proxy
Score: 11.28
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
Score: 16.51
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1008 - Fallback Channels
- T1090.001 - Internal Proxy
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 14.83
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1593.003 - Code Repositories
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 14.58
Matched TTPs:
- T1587.001 - Malware
- T1069.001 - Local Groups
- T1027.005 - Indicator Removal from Tools
- T1008 - Fallback Channels
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 12.82
Matched TTPs:
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1027.005 - Indicator Removal from Tools
- T1008 - Fallback Channels
Score: 4.84
Matched TTPs:
- T1587.001 - Malware
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.11
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
Score: 13.34
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1069.001 - Local Groups
- T1027.005 - Indicator Removal from Tools
- T1090.001 - Internal Proxy
Score: 9.31
Matched TTPs:
- T1587.001 - Malware
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 14.96
Matched TTPs:
- T1587.001 - Malware
- T1583.006 - Web Services
- T1497.002 - User Activity Based Checks
- T1591 - Gather Victim Org Information
- T1008 - Fallback Channels
Score: 13.21
Matched TTPs:
- T1588.006 - Vulnerabilities
- T1591 - Gather Victim Org Information
- T1069.001 - Local Groups
- T1090.001 - Internal Proxy
Score: 3.84
Matched TTPs:
- T1588.006 - Vulnerabilities
Score: 10.44
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1598 - Phishing for Information
- T1538 - Cloud Service Dashboard
Score: 7.91
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1598 - Phishing for Information
Score: 7.22
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.47
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
Score: 15.33
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
- T1598 - Phishing for Information
- T1211 - Exploitation for Defense Evasion
Score: 6.30
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1591.002 - Business Relationships
Score: 8.90
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1027.005 - Indicator Removal from Tools
- T1102.001 - Dead Drop Resolver
Score: 7.69
Matched TTPs:
- T1591.002 - Business Relationships
- T1593.003 - Code Repositories
Score: 5.86
Matched TTPs:
- T1593.003 - Code Repositories
- T1583.006 - Web Services
Score: 6.88
Matched TTPs:
- T1552.006 - Group Policy Preferences
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 6.88
Matched TTPs:
- T1552.006 - Group Policy Preferences
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 4.13
Matched TTPs:
- T1497.002 - User Activity Based Checks
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 3.15
Matched TTPs:
- T1027.005 - Indicator Removal from Tools
Score: 6.72
Matched TTPs:
- T1008 - Fallback Channels
- T1102.001 - Dead Drop Resolver
Score: 7.06
Matched TTPs:
- T1090.001 - Internal Proxy
- T1211 - Exploitation for Defense Evasion
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Score: 3.29
Matched TTPs:
- T1102.001 - Dead Drop Resolver
Threat actors related to this Pulse (inference-based)
Score: 0.81
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1102.001 - Dead Drop Resolver
- T1588.005 - Exploits
- T1598 - Phishing for Information
- T1583.006 - Web Services
- T1587.001 - Malware
- T1591 - Gather Victim Org Information
Score: 0.71
Matched TTPs:
- T1008 - Fallback Channels
- T1583.006 - Web Services
- T1587.001 - Malware
- T1090.001 - Internal Proxy
- T1591 - Gather Victim Org Information
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
Score: 0.68
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1588.006 - Vulnerabilities
- T1591.002 - Business Relationships
- T1587.001 - Malware
- T1491.002 - External Defacement
Score: 0.67
Matched TTPs:
- T1598.003 - Spearphishing Link
- T1598 - Phishing for Information
- T1211 - Exploitation for Defense Evasion
- T1583.006 - Web Services
- T1591 - Gather Victim Org Information
Score: 0.66
Matched TTPs:
- T1497.002 - User Activity Based Checks
- T1008 - Fallback Channels
- T1583.006 - Web Services
- T1587.001 - Malware
- T1591 - Gather Victim Org Information
Score: 0.63
Matched TTPs:
- T1008 - Fallback Channels
- T1587.001 - Malware
- T1069.001 - Local Groups
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1027.005 - Indicator Removal from Tools
Score: 0.62
Matched TTPs:
- T1593.003 - Code Repositories
- T1583.006 - Web Services
- T1587.001 - Malware
- T1048.003 - Exfiltration Over Unencrypted Non-C2 Protocol
- T1681 - Search Threat Vendor Data
Score: 0.60
Matched TTPs:
- T1583.006 - Web Services
- T1587.001 - Malware
- T1090.001 - Internal Proxy
- T1069.001 - Local Groups
- T1027.005 - Indicator Removal from Tools
Score: 0.59
Matched TTPs:
- T1008 - Fallback Channels
- T1587.001 - Malware
- T1681 - Search Threat Vendor Data
- T1027.005 - Indicator Removal from Tools
Score: 0.59
Matched TTPs:
- T1591 - Gather Victim Org Information
- T1588.006 - Vulnerabilities
- T1090.001 - Internal Proxy
- T1069.001 - Local Groups