Pulse Detail-

A Look Into Fysbis: Sofacy’s Linux Backdoor

概要

The Sofacy group, also known as APT28 and Sednit, is a fairly well known cyber espionage group believed to have ties to Russia. Their targets have spanned all across the world, with a focus on government, defense organizations and various Eastern European governments. From these reports, we know that the group uses an abundance of tools and tactics, ranging across zero-day exploits targeting common applications such as Java or Microsoft Office, heavy use of spear-phishing attacks, compromising legitimate websites to stage watering-hole attacks, and targeting over a variety of operating systems – Windows, OSX, Linux, even mobile iOS.

Created: 2026-02-23

Indicators

類似Pulses

A Look Into Fysbis: Sofacy’s Linux Backdoor (score: 0.88)
New Sofacy Attacks Against US Government Agency (score: 0.65)
BBSRAT Attacks Targeting Russian Organizations (score: 0.65)
Untangling the Patchwork Cyberespionage Group (score: 0.64)
NetTraveler APT Targets Russian, European Interests (score: 0.64)

このPulseに関連する脅威アクター (事実ベース)

Kimsuky

Score: 26.11

Matched TTPs:

T1583 - Acquire Infrastructure
T1587.001 - Malware
T1608.001 - Upload Malware
T1505.003 - Web Shell
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1218.010 - Regsvr32
T1598 - Phishing for Information
T1105 - Ingress Tool Transfer
T1588.005 - Exploits

MITREへのリンク →

Sea Turtle

Score: 9.89

Matched TTPs:

T1583 - Acquire Infrastructure
T1505.003 - Web Shell
T1199 - Trusted Relationship
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

Ember Bear

Score: 18.40

Matched TTPs:

T1583 - Acquire Infrastructure
T1491.002 - External Defacement
T1195 - Supply Chain Compromise
T1505.003 - Web Shell
T1203 - Exploitation for Client Execution
T1588.005 - Exploits

MITREへのリンク →

Indrik Spider

Score: 5.91

Matched TTPs:

T1583 - Acquire Infrastructure
T1587.001 - Malware
T1105 - Ingress Tool Transfer

MITREへのリンク →

Agrius

Score: 4.80

Matched TTPs:

T1583 - Acquire Infrastructure
T1505.003 - Web Shell

MITREへのリンク →

Contagious Interview

Score: 24.15

Matched TTPs:

T1583 - Acquire Infrastructure
T1588.007 - Artificial Intelligence
T1587.001 - Malware
T1608.001 - Upload Malware
T1593.003 - Code Repositories
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1566.003 - Spearphishing via Service

MITREへのリンク →

Sandworm Team

Score: 26.00

Matched TTPs:

T1583 - Acquire Infrastructure
T1491.002 - External Defacement
T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1505.003 - Web Shell
T1199 - Trusted Relationship
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

Star Blizzard

Score: 9.14

Matched TTPs:

T1583 - Acquire Infrastructure
T1608.001 - Upload Malware
T1593 - Search Open Websites/Domains
T1588.002 - Tool

MITREへのリンク →

FIN13

Score: 5.49

Matched TTPs:

T1587.001 - Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Moonstone Sleet

Score: 10.81

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1598 - Phishing for Information
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Lazarus Group

Score: 25.71

Matched TTPs:

T1587.001 - Malware
T1583.006 - Web Services
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1001.003 - Protocol or Service Impersonation
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1027.007 - Dynamic API Resolution
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service
T1529 - System Shutdown/Reboot

MITREへのリンク →

OilRig

Score: 18.07

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise
T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

UNC3886

Score: 10.31

Matched TTPs:

T1587.001 - Malware
T1205.001 - Port Knocking
T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

LuminousMoth

Score: 5.69

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT29

Score: 17.88

Matched TTPs:

T1587.001 - Malware
T1505.003 - Web Shell
T1583.006 - Web Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Play

Score: 3.72

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Aoqin Dragon

Score: 4.44

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1203 - Exploitation for Client Execution

MITREへのリンク →

RedCurl

Score: 7.59

Matched TTPs:

T1587.001 - Malware
T1199 - Trusted Relationship
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Moses Staff

Score: 5.49

Matched TTPs:

T1587.001 - Malware
T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Turla

Score: 10.09

Matched TTPs:

T1587.001 - Malware
T1583.006 - Web Services
T1588.002 - Tool
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

Ke3chang

Score: 3.72

Matched TTPs:

T1587.001 - Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Mustang Panda

Score: 29.51

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1505.003 - Web Shell
T1219.001 - IDE Tunneling
T1583.006 - Web Services
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1001.003 - Protocol or Service Impersonation
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1027.007 - Dynamic API Resolution

MITREへのリンク →

TeamTNT

Score: 4.85

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN7

Score: 14.84

Matched TTPs:

T1587.001 - Malware
T1608.001 - Upload Malware
T1674 - Input Injection
T1583.006 - Web Services
T1588.002 - Tool
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

TA2541

Score: 8.36

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1105 - Ingress Tool Transfer

MITREへのリンク →

Earth Lusca

Score: 6.60

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1588.002 - Tool
T1189 - Drive-by Compromise

MITREへのリンク →

Mustard Tempest

Score: 4.52

Matched TTPs:

T1608.001 - Upload Malware
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

LazyScripter

Score: 4.76

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1105 - Ingress Tool Transfer

MITREへのリンク →

Gamaredon Group

Score: 5.61

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Threat Group-3390

Score: 15.50

Matched TTPs:

T1608.001 - Upload Malware
T1608.002 - Upload Tool
T1505.003 - Web Shell
T1199 - Trusted Relationship
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

SideCopy

Score: 5.50

Matched TTPs:

T1608.001 - Upload Malware
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

TA505

Score: 3.60

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

BlackByte

Score: 4.52

Matched TTPs:

T1608.001 - Upload Malware
T1505.003 - Web Shell
T1105 - Ingress Tool Transfer

MITREへのリンク →

BITTER

Score: 8.71

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT32

Score: 13.38

Matched TTPs:

T1608.001 - Upload Malware
T1505.003 - Web Shell
T1583.006 - Web Services
T1588.002 - Tool
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

HEXANE

Score: 6.35

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Saint Bear

Score: 5.48

Matched TTPs:

T1608.001 - Upload Malware
T1583.006 - Web Services
T1203 - Exploitation for Client Execution

MITREへのリンク →

EXOTIC LILY

Score: 5.99

Matched TTPs:

T1608.001 - Upload Malware
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service

MITREへのリンク →

APT42

Score: 5.57

Matched TTPs:

T1608.001 - Upload Malware
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography

MITREへのリンク →

Medusa Group

Score: 20.44

Matched TTPs:

T1608.002 - Upload Tool
T1505.003 - Web Shell
T1583.006 - Web Services
T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1650 - Acquire Access
T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

CURIUM

Score: 8.65

Matched TTPs:

T1505.003 - Web Shell
T1189 - Drive-by Compromise
T1124 - System Time Discovery
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dragonfly

Score: 6.65

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

APT28

Score: 23.92

Matched TTPs:

T1505.003 - Web Shell
T1583.006 - Web Services
T1199 - Trusted Relationship
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1598 - Phishing for Information
T1189 - Drive-by Compromise
T1498 - Network Denial of Service
T1105 - Ingress Tool Transfer
T1137.002 - Office Test

MITREへのリンク →

BackdoorDiplomacy

Score: 3.39

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Deep Panda

Score: 4.51

Matched TTPs:

T1505.003 - Web Shell
T1218.010 - Regsvr32

MITREへのリンク →

APT39

Score: 3.39

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Volatile Cedar

Score: 6.67

Matched TTPs:

T1505.003 - Web Shell
T1595.003 - Wordlist Scanning
T1105 - Ingress Tool Transfer

MITREへのリンク →

GALLIUM

Score: 3.39

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Tropic Trooper

Score: 13.15

Matched TTPs:

T1505.003 - Web Shell
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

HAFNIUM

Score: 11.15

Matched TTPs:

T1505.003 - Web Shell
T1593.003 - Code Repositories
T1583.006 - Web Services
T1199 - Trusted Relationship
T1105 - Ingress Tool Transfer

MITREへのリンク →

Fox Kitten

Score: 6.39

Matched TTPs:

T1505.003 - Web Shell
T1105 - Ingress Tool Transfer
T1213.005 - Messaging Applications

MITREへのリンク →

Tonto Team

Score: 4.04

Matched TTPs:

T1505.003 - Web Shell
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

Volt Typhoon

Score: 15.64

Matched TTPs:

T1505.003 - Web Shell
T1074 - Data Staged
T1593 - Search Open Websites/Domains
T1588.002 - Tool
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

APT38

Score: 8.78

Matched TTPs:

T1505.003 - Web Shell
T1588.002 - Tool
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

Magic Hound

Score: 13.31

Matched TTPs:

T1505.003 - Web Shell
T1583.006 - Web Services
T1588.002 - Tool
T1573 - Encrypted Channel
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Leviathan

Score: 8.55

Matched TTPs:

T1505.003 - Web Shell
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

LAPSUS$

Score: 11.28

Matched TTPs:

T1593.003 - Code Repositories
T1199 - Trusted Relationship
T1588.002 - Tool
T1213.005 - Messaging Applications

MITREへのリンク →

Wizard Spider

Score: 9.38

Matched TTPs:

T1074 - Data Staged
T1552.006 - Group Policy Preferences
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

INC Ransom

Score: 5.25

Matched TTPs:

T1074 - Data Staged
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Scattered Spider

Score: 12.53

Matched TTPs:

T1074 - Data Staged
T1588.002 - Tool
T1598 - Phishing for Information
T1105 - Ingress Tool Transfer
T1213.005 - Messaging Applications

MITREへのリンク →

PROMETHIUM

Score: 5.90

Matched TTPs:

T1205.001 - Port Knocking
T1189 - Drive-by Compromise

MITREへのリンク →

ZIRCONIUM

Score: 8.82

Matched TTPs:

T1583.006 - Web Services
T1598 - Phishing for Information
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

MuddyWater

Score: 7.88

Matched TTPs:

T1583.006 - Web Services
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1518 - Software Discovery
T1105 - Ingress Tool Transfer

MITREへのリンク →

Confucius

Score: 4.28

Matched TTPs:

T1583.006 - Web Services
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

IndigoZebra

Score: 3.64

Matched TTPs:

T1583.006 - Web Services
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

POLONIUM

Score: 5.61

Matched TTPs:

T1583.006 - Web Services
T1199 - Trusted Relationship
T1588.002 - Tool

MITREへのリンク →

APT33

Score: 7.25

Matched TTPs:

T1552.006 - Group Policy Preferences
T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1105 - Ingress Tool Transfer

MITREへのリンク →

menuPass

Score: 4.37

Matched TTPs:

T1199 - Trusted Relationship
T1588.002 - Tool
T1105 - Ingress Tool Transfer

MITREへのリンク →

Inception

Score: 7.83

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution
T1518 - Software Discovery

MITREへのリンク →

Storm-1811

Score: 4.15

Matched TTPs:

T1588.002 - Tool
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

BRONZE BUTLER

Score: 10.22

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

APT41

Score: 7.25

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1595.003 - Wordlist Scanning
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN8

Score: 4.37

Matched TTPs:

T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1105 - Ingress Tool Transfer

MITREへのリンク →

FIN6

Score: 6.12

Matched TTPs:

T1588.002 - Tool
T1573.002 - Asymmetric Cryptography
T1566.003 - Spearphishing via Service

MITREへのリンク →

Patchwork

Score: 4.88

Matched TTPs:

T1588.002 - Tool
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

WIRTE

Score: 4.37

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32
T1105 - Ingress Tool Transfer

MITREへのリンク →

Cobalt Group

Score: 8.61

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32
T1203 - Exploitation for Client Execution
T1573.002 - Asymmetric Cryptography
T1105 - Ingress Tool Transfer

MITREへのリンク →

Chimera

Score: 4.22

Matched TTPs:

T1588.002 - Tool
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

APT19

Score: 5.36

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32
T1189 - Drive-by Compromise

MITREへのリンク →

Blue Mockingbird

Score: 3.60

Matched TTPs:

T1588.002 - Tool
T1218.010 - Regsvr32

MITREへのリンク →

TA551

Score: 3.52

Matched TTPs:

T1218.010 - Regsvr32
T1105 - Ingress Tool Transfer

MITREへのリンク →

Sidewinder

Score: 7.61

Matched TTPs:

T1203 - Exploitation for Client Execution
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

Andariel

Score: 4.04

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

The White Company

Score: 4.09

Matched TTPs:

T1203 - Exploitation for Client Execution
T1124 - System Time Discovery

MITREへのリンク →

Axiom

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Higaisa

Score: 7.93

Matched TTPs:

T1203 - Exploitation for Client Execution
T1001.003 - Protocol or Service Impersonation
T1124 - System Time Discovery

MITREへのリンク →

APT37

Score: 7.66

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot

MITREへのリンク →

Transparent Tribe

Score: 3.26

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise

MITREへのリンク →

Elderwood

Score: 4.04

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer

MITREへのリンク →

Darkhotel

Score: 6.63

Matched TTPs:

T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1124 - System Time Discovery

MITREへのリンク →

PLATINUM

Score: 7.08

Matched TTPs:

T1189 - Drive-by Compromise
T1105 - Ingress Tool Transfer
T1056.004 - Credential API Hooking

MITREへのリンク →

Windshift

Score: 7.81

Matched TTPs:

T1189 - Drive-by Compromise
T1518 - Software Discovery
T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

Dark Caracal

Score: 4.29

Matched TTPs:

T1189 - Drive-by Compromise
T1566.003 - Spearphishing via Service

MITREへのリンク →

Windigo

Score: 4.51

Matched TTPs:

T1189 - Drive-by Compromise
T1518 - Software Discovery

MITREへのリンク →

Equation

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Strider

Score: 4.13

Matched TTPs:

T1564.005 - Hidden File System

MITREへのリンク →

Ajax Security Team

Score: 3.30

Matched TTPs:

T1105 - Ingress Tool Transfer
T1566.003 - Spearphishing via Service

MITREへのリンク →

このPulseに関連する脅威アクター (推論ベース)

Mustang Panda

Score: 0.85

Matched TTPs:

T1593 - Search Open Websites/Domains
T1105 - Ingress Tool Transfer
T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1588.002 - Tool
T1583.006 - Web Services
T1219.001 - IDE Tunneling
T1001.003 - Protocol or Service Impersonation
T1505.003 - Web Shell
T1608.001 - Upload Malware
T1027.007 - Dynamic API Resolution
T1518 - Software Discovery

MITREへのリンク →

Kimsuky

Score: 0.78

Matched TTPs:

T1593 - Search Open Websites/Domains
T1105 - Ingress Tool Transfer
T1587.001 - Malware
T1598 - Phishing for Information
T1218.010 - Regsvr32
T1588.005 - Exploits
T1588.002 - Tool
T1583.006 - Web Services
T1583 - Acquire Infrastructure
T1505.003 - Web Shell
T1608.001 - Upload Malware

MITREへのリンク →

Sandworm Team

Score: 0.76

Matched TTPs:

T1593 - Search Open Websites/Domains
T1105 - Ingress Tool Transfer
T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1491.002 - External Defacement
T1588.002 - Tool
T1583 - Acquire Infrastructure
T1505.003 - Web Shell
T1608.001 - Upload Malware
T1199 - Trusted Relationship
T1195 - Supply Chain Compromise

MITREへのリンク →

APT28

Score: 0.75

Matched TTPs:

T1137.002 - Office Test
T1105 - Ingress Tool Transfer
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1598 - Phishing for Information
T1588.002 - Tool
T1583.006 - Web Services
T1498 - Network Denial of Service
T1505.003 - Web Shell
T1199 - Trusted Relationship

MITREへのリンク →

Lazarus Group

Score: 0.74

Matched TTPs:

T1105 - Ingress Tool Transfer
T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1189 - Drive-by Compromise
T1566.003 - Spearphishing via Service
T1124 - System Time Discovery
T1529 - System Shutdown/Reboot
T1588.002 - Tool
T1583.006 - Web Services
T1001.003 - Protocol or Service Impersonation
T1027.007 - Dynamic API Resolution

MITREへのリンク →

Contagious Interview

Score: 0.67

Matched TTPs:

T1593 - Search Open Websites/Domains
T1593.003 - Code Repositories
T1587.001 - Malware
T1566.003 - Spearphishing via Service
T1588.002 - Tool
T1583.006 - Web Services
T1583 - Acquire Infrastructure
T1608.001 - Upload Malware
T1588.007 - Artificial Intelligence

MITREへのリンク →

Medusa Group

Score: 0.63

Matched TTPs:

T1105 - Ingress Tool Transfer
T1529 - System Shutdown/Reboot
T1573.002 - Asymmetric Cryptography
T1588.002 - Tool
T1583.006 - Web Services
T1650 - Acquire Access
T1505.003 - Web Shell
T1608.002 - Upload Tool

MITREへのリンク →

APT29

Score: 0.59

Matched TTPs:

T1105 - Ingress Tool Transfer
T1587.001 - Malware
T1573 - Encrypted Channel
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service
T1588.002 - Tool
T1583.006 - Web Services
T1505.003 - Web Shell
T1199 - Trusted Relationship

MITREへのリンク →

Ember Bear

Score: 0.57

Matched TTPs:

T1203 - Exploitation for Client Execution
T1588.005 - Exploits
T1491.002 - External Defacement
T1583 - Acquire Infrastructure
T1505.003 - Web Shell
T1195 - Supply Chain Compromise

MITREへのリンク →

OilRig

Score: 0.57

Matched TTPs:

T1105 - Ingress Tool Transfer
T1587.001 - Malware
T1203 - Exploitation for Client Execution
T1566.003 - Spearphishing via Service
T1573.002 - Asymmetric Cryptography
T1588.002 - Tool
T1505.003 - Web Shell
T1608.001 - Upload Malware
T1195 - Supply Chain Compromise

MITREへのリンク →

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクターグラフ

← Pulse一覧に戻る

A Look Into Fysbis: Sofacy’s Linux Backdoor

概要

Indicators

類似Pulses

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

Pulse – 脅威アクター グラフ

Pulse – 脅威アクターグラフ