Trusted Design

Compromised TV and Government-Related Sites Lead to PoisonIvy

概要

A recent campaign compromised Taiwan and Hong Kong sites to deliver Flash exploits related to Hacking Team and eventually download PoisonIvy and other payloads in user systems. This campaign started on July 9, a few days after the Hacking Team announced it was hacked. The actors compromised the sites of a local television network, educational organizations, a religious institute, and a known political party in Taiwan; and a popular news site in Hong Kong. Note that the affected sites have consistent followers given the nature of their content. The affected educational organizations, for instance, are used to deliver employment exams for government employees. The Taiwanese television network involved has been producing and importing TV shows and movies for a decade.

Created: 2026-02-23

Indicators

類似Pulses

A VAST Malvertising Attack (score: 0.63)
Large malvertising campaign hits popular Dutch websites (score: 0.62)
Chinese Actors attacks on US Government and EU Media (score: 0.61)
Taiwan targeted with new cyberespionage backdoor Trojan (score: 0.61)
FBI Flash #68 (PlugX) (score: 0.60)

このPulseに関連する脅威アクター (事実ベース)

Ember Bear

Score: 8.26

Matched TTPs:

T1564.008 - Email Hiding Rules
T1003.003 - NTDS

MITREへのリンク →

Sandworm Team

Score: 30.55

Matched TTPs:

T1564.008 - Email Hiding Rules
T1484.002 - Trust Modification
T1091 - Replication Through Removable Media
T1546.008 - Accessibility Features
T1122 - Component Object Model Hijacking
T1102.003 - One-Way Communication
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1027.018 - Invisible Unicode

MITREへのリンク →

Leviathan

Score: 8.33

Matched TTPs:

T1484.002 - Trust Modification
T1546.016 - Installer Packages
T1027.018 - Invisible Unicode

MITREへのリンク →

TA2541

Score: 6.08

Matched TTPs:

T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

Earth Lusca

Score: 6.17

Matched TTPs:

T1091 - Replication Through Removable Media
T1546.016 - Installer Packages
T1027.018 - Invisible Unicode

MITREへのリンク →

Mustang Panda

Score: 10.75

Matched TTPs:

T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication
T1055.005 - Thread Local Storage
T1027.018 - Invisible Unicode

MITREへのリンク →

LuminousMoth

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Kimsuky

Score: 26.03

Matched TTPs:

T1091 - Replication Through Removable Media
T1546.008 - Accessibility Features
T1552.003 - Shell History
T1102.003 - One-Way Communication
T1690 - Prevent Command History Logging
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode
T1003.003 - NTDS
T1490 - Inhibit System Recovery

MITREへのリンク →

Mustard Tempest

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

OilRig

Score: 6.08

Matched TTPs:

T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

LazyScripter

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Gamaredon Group

Score: 9.58

Matched TTPs:

T1091 - Replication Through Removable Media
T1606.001 - Web Cookies
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

Star Blizzard

Score: 5.26

Matched TTPs:

T1091 - Replication Through Removable Media
T1102.003 - One-Way Communication

MITREへのリンク →

Threat Group-3390

Score: 4.72

Matched TTPs:

T1091 - Replication Through Removable Media
T1122 - Component Object Model Hijacking

MITREへのリンク →

TA505

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

BlackByte

Score: 5.82

Matched TTPs:

T1091 - Replication Through Removable Media
T1606.001 - Web Cookies

MITREへのリンク →

BITTER

Score: 5.59

Matched TTPs:

T1091 - Replication Through Removable Media
T1683 - Generate Content

MITREへのリンク →

APT32

Score: 6.00

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

HEXANE

Score: 4.37

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.002 - Authentication Package

MITREへのリンク →

Saint Bear

Score: 3.33

Matched TTPs:

T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode

MITREへのリンク →

Contagious Interview

Score: 12.99

Matched TTPs:

T1091 - Replication Through Removable Media
T1552.003 - Shell History
T1102.003 - One-Way Communication
T1690 - Prevent Command History Logging
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN7

Score: 8.40

Matched TTPs:

T1091 - Replication Through Removable Media
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

EXOTIC LILY

Score: 7.18

Matched TTPs:

T1091 - Replication Through Removable Media
T1690 - Prevent Command History Logging
T1027.018 - Invisible Unicode

MITREへのリンク →

APT42

Score: 4.72

Matched TTPs:

T1091 - Replication Through Removable Media
T1128 - Netsh Helper DLL

MITREへのリンク →

Silent Librarian

Score: 3.84

Matched TTPs:

T1546.008 - Accessibility Features

MITREへのリンク →

Medusa Group

Score: 8.89

Matched TTPs:

T1552.003 - Shell History
T1128 - Netsh Helper DLL
T1216 - System Script Proxy Execution

MITREへのリンク →

Play

Score: 5.19

Matched TTPs:

T1552.003 - Shell History
T1490 - Inhibit System Recovery

MITREへのリンク →

Lazarus Group

Score: 16.83

Matched TTPs:

T1606.001 - Web Cookies
T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1055.005 - Thread Local Storage
T1216 - System Script Proxy Execution

MITREへのリンク →

APT28

Score: 15.17

Matched TTPs:

T1122 - Component Object Model Hijacking
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode
T1055.008 - Ptrace System Calls
T1546.007 - Netsh Helper DLL

MITREへのリンク →

RedCurl

Score: 6.85

Matched TTPs:

T1122 - Component Object Model Hijacking
T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

APT29

Score: 10.39

Matched TTPs:

T1122 - Component Object Model Hijacking
T1683 - Generate Content
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

POLONIUM

Score: 5.14

Matched TTPs:

T1122 - Component Object Model Hijacking
T1547.002 - Authentication Package

MITREへのリンク →

HAFNIUM

Score: 9.54

Matched TTPs:

T1122 - Component Object Model Hijacking
T1055.008 - Ptrace System Calls
T1490 - Inhibit System Recovery

MITREへのリンク →

Sea Turtle

Score: 5.41

Matched TTPs:

T1122 - Component Object Model Hijacking
T1490 - Inhibit System Recovery

MITREへのリンク →

Volt Typhoon

Score: 6.12

Matched TTPs:

T1102.003 - One-Way Communication
T1546.016 - Installer Packages

MITREへのリンク →

Tropic Trooper

Score: 9.03

Matched TTPs:

T1683 - Generate Content
T1128 - Netsh Helper DLL
T1490 - Inhibit System Recovery

MITREへのリンク →

Magic Hound

Score: 11.22

Matched TTPs:

T1683 - Generate Content
T1187 - Forced Authentication
T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

Andariel

Score: 3.84

Matched TTPs:

T1187 - Forced Authentication

MITREへのリンク →

APT37

Score: 6.02

Matched TTPs:

T1547.002 - Authentication Package
T1216 - System Script Proxy Execution

MITREへのリンク →

APT39

Score: 3.76

Matched TTPs:

T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

Turla

Score: 9.26

Matched TTPs:

T1547.002 - Authentication Package
T1546.016 - Installer Packages
T1027.018 - Invisible Unicode
T1490 - Inhibit System Recovery

MITREへのリンク →

MuddyWater

Score: 3.76

Matched TTPs:

T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

ZIRCONIUM

Score: 3.76

Matched TTPs:

T1547.002 - Authentication Package
T1027.018 - Invisible Unicode

MITREへのリンク →

Velvet Ant

Score: 5.41

Matched TTPs:

T1128 - Netsh Helper DLL
T1490 - Inhibit System Recovery

MITREへのリンク →

Cobalt Group

Score: 4.11

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

FIN8

Score: 4.11

Matched TTPs:

T1128 - Netsh Helper DLL
T1027.018 - Invisible Unicode

MITREへのリンク →

Daggerfly

Score: 4.19

Matched TTPs:

T1546.016 - Installer Packages
T1027.018 - Invisible Unicode

MITREへのリンク →

Axiom

Score: 4.54

Matched TTPs:

T1160 - Launch Daemon

MITREへのリンク →

APT38

Score: 4.98

Matched TTPs:

T1027.018 - Invisible Unicode
T1216 - System Script Proxy Execution

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Sandworm Team

Score: 0.81

Matched TTPs:

T1547.002 - Authentication Package
T1102.003 - One-Way Communication
T1546.016 - Installer Packages
T1122 - Component Object Model Hijacking
T1187 - Forced Authentication
T1564.008 - Email Hiding Rules
T1484.002 - Trust Modification
T1091 - Replication Through Removable Media
T1027.018 - Invisible Unicode
T1546.008 - Accessibility Features

MITREへのリンク →

Kimsuky

Score: 0.72

Matched TTPs:

T1547.002 - Authentication Package
T1102.003 - One-Way Communication
T1490 - Inhibit System Recovery
T1003.003 - NTDS
T1091 - Replication Through Removable Media
T1690 - Prevent Command History Logging
T1552.003 - Shell History
T1027.018 - Invisible Unicode
T1546.008 - Accessibility Features

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る