Trusted Design

Contagious Trader campaign - Coordinated weaponisation of cryptocurrency trading bots by suspected DPRK malware operators

Summary

The Contagious Trader campaign is a sophisticated malware operation targeting cryptocurrency users, attributed to North Korea with high confidence. It involves malicious cryptocurrency trading bot projects on GitHub that exfiltrate sensitive data and private keys using various techniques, including malicious npm dependencies. The campaign demonstrates overlaps with known North Korean tactics, particularly those of FAMOUS CHOLLIMA, including the use of GitHub, npm, and Vercel infrastructure, Base64-encoded payload URLs, and anonymizing VPNs for npm package publishing. The operation represents a shift in tactics, expanding beyond the previous Contagious Interview campaign to target a broader range of cryptocurrency users.

Created: 2026-04-17

Indicators

Similar Pulses

No similar Pulses were found.

Threat actors related to this Pulse (fact-based)

Mustard Tempest

Score: 6.51
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware

Daggerfly

Score: 5.88
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1036.003 - Rename Legitimate Utilities

GALLIUM

Score: 13.06
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash

APT29

Score: 32.12
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1546.008 - Accessibility Features
  • T1550.003 - Pass the Ticket
  • T1098.005 - Device Registration
  • T1218.005 - Mshta
  • T1078 - Valid Accounts
  • T1027.006 - HTML Smuggling
  • T1566.003 - Spearphishing via Service

FIN13

Score: 13.04
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1134.003 - Make and Impersonate Token
  • T1550.002 - Pass the Hash

Dragonfly

Score: 16.58
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1598.002 - Spearphishing Attachment
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Ke3chang

Score: 15.72
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Agrius

Score: 7.40
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery

APT41

Score: 43.75
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1599 - Network Boundary Bridging
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning
  • T1030 - Data Transfer Size Limits
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1596.005 - Scan Databases

APT5

Score: 7.91
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application

menuPass

Score: 11.19
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery

Threat Group-3390

Score: 13.32
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1030 - Data Transfer Size Limits
  • T1018 - Remote System Discovery

Wizard Spider

Score: 17.80
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1518.002 - Backup Software Discovery
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash

Ember Bear

Score: 23.75
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1071.004 - DNS
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1588.005 - Exploits

Sea Turtle

Score: 14.90
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1608.003 - Install Digital Certificate
  • T1027.004 - Compile After Delivery

Axiom

Score: 10.02
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts

HEXANE

Score: 25.19
Matched TTPs:
  • T1583.002 - DNS Server
  • T1608.001 - Upload Malware
  • T1010 - Application Window Discovery
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles
  • T1018 - Remote System Discovery

Chimera

Score: 15.83
Matched TTPs:
  • T1071.004 - DNS
  • T1078 - Valid Accounts
  • T1556.001 - Domain Controller Authentication
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash
  • T1680 - Local Storage Discovery

LazyScripter

Score: 7.93
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta

Cobalt Group

Score: 7.75
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1218.003 - CMSTP

OilRig

Score: 13.69
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1078 - Valid Accounts
  • T1566.003 - Spearphishing via Service

APT39

Score: 10.46
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1018 - Remote System Discovery

Tropic Trooper

Score: 10.59
Matched TTPs:
  • T1071.004 - DNS
  • T1566.001 - Spearphishing Attachment
  • T1052.001 - Exfiltration over USB
  • T1680 - Local Storage Discovery

APT18

Score: 4.17
Matched TTPs:
  • T1071.004 - DNS
  • T1078 - Valid Accounts

FIN7

Score: 25.13
Matched TTPs:
  • T1071.004 - DNS
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
  • T1591.004 - Identify Roles

Kimsuky

Score: 39.81
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
  • T1593 - Search Open Websites/Domains
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information
  • T1550.002 - Pass the Hash
  • T1680 - Local Storage Discovery
  • T1588.005 - Exploits

Moonstone Sleet

Score: 17.99
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1486 - Data Encrypted for Impact
  • T1598 - Phishing for Information
  • T1566.003 - Spearphishing via Service

Indrik Spider

Score: 11.49
Matched TTPs:
  • T1587.001 - Malware
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

Lazarus Group

Score: 25.70
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1010 - Application Window Discovery
  • T1585.002 - Email Accounts
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1102.002 - Bidirectional Communication
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service

Contagious Interview

Score: 18.50
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1204.005 - Malicious Library
  • T1593 - Search Open Websites/Domains
  • T1562.001 - Disable or Modify Tools
  • T1566.003 - Spearphishing via Service

UNC3886

Score: 6.79
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts

LuminousMoth

Score: 11.35
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1608.005 - Link Target
  • T1030 - Data Transfer Size Limits

Sandworm Team

Score: 31.33
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1593 - Search Open Websites/Domains
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
  • T1499 - Endpoint Denial of Service
  • T1018 - Remote System Discovery

Salt Typhoon

Score: 3.57
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application

Play

Score: 11.77
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1030 - Data Transfer Size Limits
  • T1018 - Remote System Discovery

RedCurl

Score: 5.02
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers

Moses Staff

Score: 3.57
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application

Turla

Score: 15.59
Matched TTPs:
  • T1587.001 - Malware
  • T1584.003 - Virtual Private Server
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1102.002 - Bidirectional Communication
  • T1018 - Remote System Discovery

Mustang Panda

Score: 20.99
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1218.005 - Mshta
  • T1593 - Search Open Websites/Domains
  • T1052.001 - Exfiltration over USB
  • T1018 - Remote System Discovery

TeamTNT

Score: 15.42
Matched TTPs:
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1595.002 - Vulnerability Scanning
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks
  • T1680 - Local Storage Discovery

Scattered Spider

Score: 29.65
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1598.004 - Spearphishing Voice
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1598 - Phishing for Information
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1538 - Cloud Service Dashboard

Storm-0501

Score: 7.94
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1486 - Data Encrypted for Impact

Sidewinder

Score: 9.30
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment

Silent Librarian

Score: 10.01
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1608.005 - Link Target
  • T1078 - Valid Accounts

ZIRCONIUM

Score: 10.35
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1102.002 - Bidirectional Communication
  • T1598 - Phishing for Information

APT32

Score: 19.07
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1550.003 - Pass the Ticket
  • T1218.005 - Mshta
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1550.002 - Pass the Hash

Magic Hound

Score: 19.41
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1102.002 - Bidirectional Communication
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service

APT28

Score: 20.84
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication
  • T1030 - Data Transfer Size Limits
  • T1598 - Phishing for Information
  • T1550.002 - Pass the Hash

Star Blizzard

Score: 15.92
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1593 - Search Open Websites/Domains
  • T1078 - Valid Accounts

CURIUM

Score: 11.76
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 8.22
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1680 - Local Storage Discovery

Saint Bear

Score: 4.64
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools

FIN6

Score: 14.06
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1134 - Access Token Manipulation
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service

Windshift

Score: 3.40
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 8.06
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1550.003 - Pass the Ticket
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery

MuddyWater

Score: 18.69
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1027.004 - Compile After Delivery

Gamaredon Group

Score: 16.63
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1102.002 - Bidirectional Communication
  • T1027.004 - Compile After Delivery

Inception

Score: 5.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1218.005 - Mshta

EXOTIC LILY

Score: 7.66
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1566.003 - Spearphishing via Service

Ajax Security Team

Score: 5.45
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1566.003 - Spearphishing via Service

APT33

Score: 4.35
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1078 - Valid Accounts

TA551

Score: 3.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta

Winter Vivern

Score: 8.56
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1584.006 - Web Services

Higaisa

Score: 3.71
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1680 - Local Storage Discovery

Confucius

Score: 6.05
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1680 - Local Storage Discovery

Leviathan

Score: 12.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts

APT12

Score: 3.27
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1102.002 - Bidirectional Communication

SideCopy

Score: 8.81
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment

FIN8

Score: 6.18
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

TA2541

Score: 6.99
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools

TA505

Score: 9.04
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

APT37

Score: 5.33
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1102.002 - Bidirectional Communication

Silence

Score: 3.84
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

APT1

Score: 5.91
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1550.002 - Pass the Hash

APT38

Score: 10.64
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1036.003 - Rename Legitimate Utilities

HAFNIUM

Score: 6.86
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1018 - Remote System Discovery

Volt Typhoon

Score: 28.34
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1190 - Exploit Public-Facing Application
  • T1010 - Application Window Discovery
  • T1555.003 - Credentials from Web Browsers
  • T1593 - Search Open Websites/Domains
  • T1078 - Valid Accounts
  • T1591.004 - Identify Roles
  • T1018 - Remote System Discovery
  • T1596.005 - Scan Databases
  • T1680 - Local Storage Discovery

Earth Lusca

Score: 13.54
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1218.005 - Mshta
  • T1584.006 - Web Services
  • T1018 - Remote System Discovery

BlackByte

Score: 14.68
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

APT42

Score: 6.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts

Rocke

Score: 8.43
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1027.004 - Compile After Delivery
  • T1018 - Remote System Discovery

Medusa Group

Score: 15.40
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1018 - Remote System Discovery

Fox Kitten

Score: 7.72
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

ToddyCat

Score: 8.37
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1018 - Remote System Discovery
  • T1680 - Local Storage Discovery
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 5.31
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1134 - Access Token Manipulation

Volatile Cedar

Score: 8.19
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning

INC Ransom

Score: 7.03
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact

Akira

Score: 11.64
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

Aquatic Panda

Score: 7.14
Matched TTPs:
  • T1595.002 - Vulnerability Scanning
  • T1562.001 - Disable or Modify Tools
  • T1550.002 - Pass the Hash

APT3

Score: 6.88
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery

Leafminer

Score: 8.13
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1055.013 - Process Doppelgänging
  • T1018 - Remote System Discovery

LAPSUS$

Score: 15.08
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1598.004 - Spearphishing Voice
  • T1078 - Valid Accounts
  • T1591.004 - Identify Roles
  • T1213.003 - Code Repositories

Deep Panda

Score: 4.83
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery

Carbanak

Score: 3.82
Matched TTPs:
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication

POLONIUM

Score: 3.82
Matched TTPs:
  • T1078 - Valid Accounts
  • T1102.002 - Bidirectional Communication

Storm-1811

Score: 4.86
Matched TTPs:
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Lotus Blossom

Score: 5.39
Matched TTPs:
  • T1134 - Access Token Manipulation
  • T1018 - Remote System Discovery

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Strider

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System

Threat actors related to this Pulse (inference-based)

APT41

Score: 0.70
Matched TTPs:
  • T1071.004 - DNS
  • T1595.002 - Vulnerability Scanning
  • T1595.003 - Wordlist Scanning
  • T1190 - Exploit Public-Facing Application
  • T1030 - Data Transfer Size Limits
  • T1550.002 - Pass the Hash
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1213.003 - Code Repositories
  • T1566.001 - Spearphishing Attachment
  • T1003.002 - Security Account Manager
  • T1018 - Remote System Discovery
  • T1486 - Data Encrypted for Impact
  • T1596.005 - Scan Databases
  • T1599 - Network Boundary Bridging
  • T1078 - Valid Accounts

Kimsuky

Score: 0.64
Matched TTPs:
  • T1562.001 - Disable or Modify Tools
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1593 - Search Open Websites/Domains
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1550.002 - Pass the Hash
  • T1555.003 - Credentials from Web Browsers
  • T1680 - Local Storage Discovery
  • T1598 - Phishing for Information
  • T1566.001 - Spearphishing Attachment
  • T1588.005 - Exploits
  • T1102.002 - Bidirectional Communication
  • T1534 - Internal Spearphishing
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta

Related CVEs

No CVEs were found for this Pulse.
