Trusted Design

Silent Crypto Wallet Takeover: Unlimited USDT Approval Exploitation via Trust Wallet QR Code Phishing

Summary

An active campaign targets Trust Wallet users through malicious QR codes distributed via Telegram, abusing the wallet's deep-link mechanism to redirect victims to Netlify-hosted phishing domains. The phishing page masquerades as a legitimate USDT transfer interface but covertly triggers an ERC-20 approve() transaction that grants an unlimited token allowance to an attacker-controlled contract on BNB Smart Chain. This enables persistent fund drainage without further victim interaction. The modular drainer architecture uses config.js for control parameters and main.js for execution logic, with integrated Telegram bot infrastructure providing real-time transaction monitoring. Analysis confirms 52 transaction notifications, indicating active exploitation. The campaign's social engineering relies on a deceptive "one-dollar" illusion: victims believe they are initiating a small transaction while actually granting unlimited wallet access. Multiple cloned phishing domains demonstrate scalable deployment within a Drainer-as-a-Servic
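As an added defender-side illustration of the mechanism the summary describes (this is not code from the pulse or from the campaign's drainer): decode ERC-20 approve()/transfer() calldata and flag the two mismatches the summary names, a signing prompt that shows a transfer while the calldata is an approve(), and an approve() whose amount is the unlimited 2^256-1 allowance to a spender the owner does not know. The allow-list, addresses and calldata are constructed placeholders; USDT on BNB Smart Chain is assumed here to use 18 decimals.

```python
from dataclasses import dataclass
from typing import Optional

# Standard ERC-20 4-byte selectors (first 4 bytes of keccak256 of the signature).
APPROVE_SELECTOR = "095ea7b3"   # approve(address,uint256)
TRANSFER_SELECTOR = "a9059cbb"  # transfer(address,uint256)
UINT256_MAX = (1 << 256) - 1    # the "unlimited allowance" value
USDT_DECIMALS = 18              # assumption for BSC-pegged USDT

# Hypothetical allow-list of spenders the wallet owner knowingly uses.
TRUSTED_SPENDERS = {"0x1111111111111111111111111111111111111111"}


@dataclass
class Erc20Call:
    function: str   # "approve" or "transfer"
    address: str    # spender (approve) or recipient (transfer)
    amount: int     # raw token units


def decode_erc20_call(calldata: str) -> Optional[Erc20Call]:
    """Decode approve()/transfer() calldata; return None for anything else or malformed input."""
    data = calldata.lower().removeprefix("0x")
    # 4-byte selector + two 32-byte ABI words = 68 bytes = 136 hex characters.
    if len(data) != 136:
        return None
    selector, addr_word, amount_word = data[:8], data[8:72], data[72:]
    if selector == APPROVE_SELECTOR:
        function = "approve"
    elif selector == TRANSFER_SELECTOR:
        function = "transfer"
    else:
        return None
    # ABI left-pads a 20-byte address with 12 zero bytes; anything else is malformed.
    if addr_word[:24] != "0" * 24:
        return None
    return Erc20Call(function, "0x" + addr_word[24:], int(amount_word, 16))


def assess(calldata: str, shown_as: str, shown_amount_tokens: int) -> str:
    """Compare what the signing prompt displays against what the calldata actually does.

    shown_as: the action the page displays ("transfer" or "approve").
    shown_amount_tokens: the amount the page displays, in whole tokens.
    """
    call = decode_erc20_call(calldata)
    if call is None:
        return "unknown-call"
    if call.function != shown_as:
        # The "one-dollar illusion": UI says transfer, calldata is approve.
        return f"ALERT: UI shows {shown_as} but calldata is {call.function}"
    if call.function == "approve":
        if call.address.lower() in {t.lower() for t in TRUSTED_SPENDERS}:
            return "ok: trusted-spender"
        if call.amount == UINT256_MAX:
            return "ALERT: unlimited allowance to unknown spender"
    shown_raw = shown_amount_tokens * 10 ** USDT_DECIMALS
    if call.amount != shown_raw:
        return f"ALERT: UI shows {shown_amount_tokens} tokens, calldata encodes {call.amount}"
    return "ok: matches-ui"


# Constructed sample calldata (placeholder addresses, not campaign indicators).
UNKNOWN_SPENDER = "2" * 40
PHISH_APPROVE = "0x" + APPROVE_SELECTOR + "0" * 24 + UNKNOWN_SPENDER + "f" * 64
HONEST_TRANSFER = "0x" + TRANSFER_SELECTOR + "0" * 24 + UNKNOWN_SPENDER + format(10 ** 18, "064x")

if __name__ == "__main__":
    # The phishing prompt claims a 1-token transfer; the calldata is an unlimited approve().
    print("phish :", assess(PHISH_APPROVE, "transfer", 1))
    print("honest:", assess(HONEST_TRANSFER, "transfer", 1))
```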

Created: 2026-04-15

Indicators

Similar Pulses

No similar pulses were found.

Threat actors related to this pulse (fact-based)

Inception

Score: 8.16
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta

Dark Caracal

Score: 7.18
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

Elderwood

Score: 4.23
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise

Darkhotel

Score: 11.16
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery

Transparent Tribe

Score: 4.23
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise

APT28

Score: 33.38
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1091 - Replication Through Removable Media
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1189 - Drive-by Compromise
  • T1498 - Network Denial of Service
  • T1003.003 - NTDS
  • T1550.001 - Application Access Token

APT18

Score: 4.32
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts

Leviathan

Score: 19.55
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1189 - Drive-by Compromise

Sidewinder

Score: 14.78
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment
  • T1124 - System Time Discovery

APT39

Score: 9.97
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

Lazarus Group

Score: 31.83
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1562.004 - Disable or Modify System Firewall
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1491.001 - Internal Defacement
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1046 - Network Service Discovery
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Saint Bear

Score: 6.24
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1562.001 - Disable or Modify Tools

APT33

Score: 8.98
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1555.003 - Credentials from Web Browsers
  • T1078 - Valid Accounts

BITTER

Score: 8.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1573 - Encrypted Channel

TA505

Score: 10.63
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact

Higaisa

Score: 5.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1124 - System Time Discovery

APT19

Score: 4.23
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise

Fox Kitten

Score: 19.81
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS

Threat Group-3390

Score: 17.75
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

TA2541

Score: 11.04
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools

Malteiro

Score: 4.52
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers

Magic Hound

Score: 34.74
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1562.004 - Disable or Modify System Firewall
  • T1585.002 - Email Accounts
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1573 - Encrypted Channel
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1566.003 - Spearphishing via Service

Storm-1811

Score: 6.46
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Blue Mockingbird

Score: 9.25
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1134 - Access Token Manipulation

Tropic Trooper

Score: 16.32
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1083 - File and Directory Discovery
  • T1052.001 - Exfiltration over USB
  • T1573 - Encrypted Channel
  • T1046 - Network Service Discovery

Contagious Interview

Score: 26.81
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1681 - Search Threat Vendor Data
  • T1585.002 - Email Accounts
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

menuPass

Score: 20.93
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS

Moses Staff

Score: 7.50
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall

TeamTNT

Score: 25.16
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1070.002 - Clear Linux or Mac System Logs
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1610 - Deploy Container
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks
  • T1046 - Network Service Discovery

Putter Panda

Score: 3.39
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1562.001 - Disable or Modify Tools

OilRig

Score: 27.06
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1556.002 - Password Filter DLL
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1078 - Valid Accounts
  • T1555.004 - Windows Credential Manager
  • T1046 - Network Service Discovery
  • T1566.003 - Spearphishing via Service

APT32

Score: 24.28
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1589 - Gather Victim Identity Information
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

Moonstone Sleet

Score: 16.15
Matched TTPs:
  • T1027.013 - Encrypted/Encoded File
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1486 - Data Encrypted for Impact
  • T1566.003 - Spearphishing via Service

Mustard Tempest

Score: 8.28
Matched TTPs:
  • T1583.008 - Malvertising
  • T1608.001 - Upload Malware
  • T1189 - Drive-by Compromise

Daggerfly

Score: 7.64
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1036.003 - Rename Legitimate Utilities
  • T1189 - Drive-by Compromise

GALLIUM

Score: 10.31
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1036.003 - Rename Legitimate Utilities
  • T1018 - Remote System Discovery

APT29

Score: 36.10
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1649 - Steal or Forge Authentication Certificates
  • T1098.005 - Device Registration
  • T1218.005 - Mshta
  • T1078 - Valid Accounts
  • T1573 - Encrypted Channel
  • T1665 - Hide Infrastructure
  • T1566.003 - Spearphishing via Service

FIN13

Score: 18.62
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1083 - File and Directory Discovery
  • T1134.003 - Make and Impersonate Token
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS

Dragonfly

Score: 24.48
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1598.002 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS

Ke3chang

Score: 16.61
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1587.001 - Malware
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS

Agrius

Score: 9.17
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

APT41

Score: 37.90
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1595.003 - Wordlist Scanning
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1596.005 - Scan Databases
  • T1003.003 - NTDS

APT5

Score: 11.66
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1083 - File and Directory Discovery

Wizard Spider

Score: 26.22
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1518.002 - Backup Software Discovery
  • T1585.002 - Email Accounts
  • T1210 - Exploitation of Remote Services
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1555.004 - Windows Credential Manager
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS

Ember Bear

Score: 20.18
Matched TTPs:
  • T1003.002 - Security Account Manager
  • T1190 - Exploit Public-Facing Application
  • T1210 - Exploitation of Remote Services
  • T1562.001 - Disable or Modify Tools
  • T1595.001 - Scanning IP Blocks
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1588.005 - Exploits

Sea Turtle

Score: 14.90
Matched TTPs:
  • T1583.002 - DNS Server
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1078 - Valid Accounts
  • T1608.003 - Install Digital Certificate

Axiom

Score: 16.33
Matched TTPs:
  • T1583.002 - DNS Server
  • T1190 - Exploit Public-Facing Application
  • T1546.008 - Accessibility Features
  • T1078 - Valid Accounts
  • T1553 - Subvert Trust Controls
  • T1189 - Drive-by Compromise

HEXANE

Score: 20.92
Matched TTPs:
  • T1583.002 - DNS Server
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1534 - Internal Spearphishing
  • T1018 - Remote System Discovery

Kimsuky

Score: 40.75
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1593.001 - Social Media
  • T1588.005 - Exploits

Indrik Spider

Score: 11.49
Matched TTPs:
  • T1587.001 - Malware
  • T1585.002 - Email Accounts
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

UNC3886

Score: 24.03
Matched TTPs:
  • T1587.001 - Malware
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1681 - Search Threat Vendor Data
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1124 - System Time Discovery

LuminousMoth

Score: 12.25
Matched TTPs:
  • T1587.001 - Malware
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1083 - File and Directory Discovery
  • T1608.005 - Link Target

Sandworm Team

Score: 32.07
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1040 - Network Sniffing
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1499 - Endpoint Denial of Service
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS

Salt Typhoon

Score: 12.56
Matched TTPs:
  • T1587.001 - Malware
  • T1070.002 - Clear Linux or Mac System Logs
  • T1040 - Network Sniffing
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall

Play

Score: 9.63
Matched TTPs:
  • T1587.001 - Malware
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

Aoqin Dragon

Score: 6.43
Matched TTPs:
  • T1587.001 - Malware
  • T1091 - Replication Through Removable Media
  • T1083 - File and Directory Discovery

RedCurl

Score: 8.09
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1046 - Network Service Discovery

Turla

Score: 27.27
Matched TTPs:
  • T1587.001 - Malware
  • T1584.003 - Virtual Private Server
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1584.006 - Web Services
  • T1555.004 - Windows Credential Manager
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1124 - System Time Discovery

Mustang Panda

Score: 28.81
Matched TTPs:
  • T1587.001 - Malware
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1052.001 - Exfiltration over USB
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS

FIN7

Score: 27.08
Matched TTPs:
  • T1587.001 - Malware
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1218.005 - Mshta
  • T1608.005 - Link Target
  • T1210 - Exploitation of Remote Services
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1124 - System Time Discovery

Scattered Spider

Score: 35.12
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1598.003 - Spearphishing Link
  • T1589 - Gather Victim Identity Information
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1213.003 - Code Repositories
  • T1018 - Remote System Discovery
  • T1538 - Cloud Service Dashboard
  • T1003.003 - NTDS

Storm-0501

Score: 12.48
Matched TTPs:
  • T1484.002 - Trust Modification
  • T1190 - Exploit Public-Facing Application
  • T1098.001 - Additional Cloud Credentials
  • T1486 - Data Encrypted for Impact

Rocke

Score: 12.54
Matched TTPs:
  • T1070.002 - Clear Linux or Mac System Logs
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1562.001 - Disable or Modify Tools
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

Silent Librarian

Score: 10.01
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1585.002 - Email Accounts
  • T1608.005 - Link Target
  • T1078 - Valid Accounts

ZIRCONIUM

Score: 11.24
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1555.003 - Credentials from Web Browsers
  • T1665 - Hide Infrastructure
  • T1124 - System Time Discovery

Star Blizzard

Score: 18.23
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts
  • T1608.001 - Upload Malware
  • T1589 - Gather Victim Identity Information
  • T1585.002 - Email Accounts
  • T1598.002 - Spearphishing Attachment
  • T1078 - Valid Accounts

CURIUM

Score: 16.12
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1124 - System Time Discovery
  • T1566.003 - Spearphishing via Service

Patchwork

Score: 8.45
Matched TTPs:
  • T1598.003 - Spearphishing Link
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise

Cobalt Group

Score: 9.23
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1218.003 - CMSTP
  • T1046 - Network Service Discovery

FIN6

Score: 18.17
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1134 - Access Token Manipulation
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS
  • T1566.003 - Spearphishing via Service

Windshift

Score: 5.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1189 - Drive-by Compromise
  • T1566.003 - Spearphishing via Service

BRONZE BUTLER

Score: 9.87
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1124 - System Time Discovery

MuddyWater

Score: 16.71
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1218.003 - CMSTP
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1210 - Exploitation of Remote Services
  • T1562.001 - Disable or Modify Tools

Gamaredon Group

Score: 28.12
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1091 - Replication Through Removable Media
  • T1608.001 - Upload Malware
  • T1055 - Process Injection
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1491.001 - Internal Defacement
  • T1534 - Internal Spearphishing
  • T1562.001 - Disable or Modify Tools
  • T1001 - Data Obfuscation

EXOTIC LILY

Score: 11.50
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1585.002 - Email Accounts
  • T1593.001 - Social Media
  • T1566.003 - Spearphishing via Service

Ajax Security Team

Score: 5.45
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1555.003 - Credentials from Web Browsers
  • T1566.003 - Spearphishing via Service

TA551

Score: 3.22
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1218.005 - Mshta

Winter Vivern

Score: 9.03
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise

Confucius

Score: 4.51
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta

BlackTech

Score: 4.11
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1046 - Network Service Discovery

Naikon

Score: 4.18
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

SideCopy

Score: 8.81
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta
  • T1598.002 - Spearphishing Attachment

FIN8

Score: 6.18
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery

LazyScripter

Score: 5.19
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1218.005 - Mshta

Tonto Team

Score: 3.62
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1210 - Exploitation of Remote Services

APT37

Score: 7.15
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1555.003 - Credentials from Web Browsers
  • T1189 - Drive-by Compromise

Silence

Score: 6.30
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery

IndigoZebra

Score: 3.54
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1586.002 - Email Accounts

APT1

Score: 3.16
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1585.002 - Email Accounts

APT38

Score: 23.04
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1218.005 - Mshta
  • T1562.001 - Disable or Modify Tools
  • T1486 - Data Encrypted for Impact
  • T1036.003 - Rename Legitimate Utilities
  • T1565.002 - Transmitted Data Manipulation
  • T1189 - Drive-by Compromise

The White Company

Score: 3.47
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1124 - System Time Discovery

PLATINUM

Score: 5.10
Matched TTPs:
  • T1566.001 - Spearphishing Attachment
  • T1055 - Process Injection
  • T1189 - Drive-by Compromise

HAFNIUM

Score: 14.63
Matched TTPs:
  • T1583.005 - Botnet
  • T1190 - Exploit Public-Facing Application
  • T1083 - File and Directory Discovery
  • T1018 - Remote System Discovery
  • T1003.003 - NTDS
  • T1550.001 - Application Access Token

Velvet Ant

Score: 10.93
Matched TTPs:
  • T1040 - Network Sniffing
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools

DarkVishnya

Score: 4.80
Matched TTPs:
  • T1040 - Network Sniffing
  • T1046 - Network Service Discovery

Strider

Score: 8.26
Matched TTPs:
  • T1556.002 - Password Filter DLL
  • T1564.005 - Hidden File System

Volt Typhoon

Score: 31.87
Matched TTPs:
  • T1584.003 - Virtual Private Server
  • T1190 - Exploit Public-Facing Application
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1587.004 - Exploits
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1596.005 - Scan Databases
  • T1003.003 - NTDS
  • T1124 - System Time Discovery

LAPSUS$

Score: 21.73
Matched TTPs:
  • T1586.002 - Email Accounts
  • T1589 - Gather Victim Identity Information
  • T1555.003 - Credentials from Web Browsers
  • T1598.004 - Spearphishing Voice
  • T1090 - Proxy
  • T1078 - Valid Accounts
  • T1213.003 - Code Repositories
  • T1003.003 - NTDS

Earth Lusca

Score: 17.80
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1218.005 - Mshta
  • T1210 - Exploitation of Remote Services
  • T1584.006 - Web Services
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery

BlackByte

Score: 25.09
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1491.001 - Internal Defacement
  • T1134.003 - Make and Impersonate Token
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery

APT42

Score: 6.31
Matched TTPs:
  • T1608.001 - Upload Malware
  • T1555.003 - Credentials from Web Browsers
  • T1585.002 - Email Accounts

BackdoorDiplomacy

Score: 3.24
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1046 - Network Service Discovery

Medusa Group

Score: 23.15
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1650 - Acquire Access
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS

Cinnamon Tempest

Score: 5.24
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1090 - Proxy
  • T1078 - Valid Accounts

ToddyCat

Score: 9.18
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.004 - Disable or Modify System Firewall
  • T1083 - File and Directory Discovery
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service

Volatile Cedar

Score: 5.60
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1595.003 - Wordlist Scanning

INC Ransom

Score: 8.80
Matched TTPs:
  • T1190 - Exploit Public-Facing Application
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1046 - Network Service Discovery

Akira

Score: 11.64
Matched TTPs:
  • T1558 - Steal or Forge Kerberos Tickets
  • T1562.001 - Disable or Modify Tools
  • T1078 - Valid Accounts
  • T1486 - Data Encrypted for Impact
  • T1018 - Remote System Discovery
Link to MITRE →

Carbanak

Score: 3.77
Matched TTPs:
  • T1562.004 - Disable or Modify System Firewall
  • T1078 - Valid Accounts
Link to MITRE →

APT3

Score: 8.18
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1018 - Remote System Discovery
Link to MITRE →

Stealth Falcon

Score: 5.67
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1555.004 - Windows Credential Manager
Link to MITRE →

Leafminer

Score: 8.43
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
Link to MITRE →

Deep Panda

Score: 4.83
Matched TTPs:
  • T1546.008 - Accessibility Features
  • T1018 - Remote System Discovery
Link to MITRE →

Windigo

Score: 5.41
Matched TTPs:
  • T1090 - Proxy
  • T1083 - File and Directory Discovery
  • T1189 - Drive-by Compromise
Link to MITRE →

POLONIUM

Score: 3.77
Matched TTPs:
  • T1090 - Proxy
  • T1078 - Valid Accounts
Link to MITRE →

Chimera

Score: 10.96
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1078 - Valid Accounts
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
  • T1003.003 - NTDS
  • T1124 - System Time Discovery
Link to MITRE →

Lotus Blossom

Score: 8.45
Matched TTPs:
  • T1083 - File and Directory Discovery
  • T1134 - Access Token Manipulation
  • T1018 - Remote System Discovery
  • T1046 - Network Service Discovery
Link to MITRE →

Suckfly

Score: 3.19
Matched TTPs:
  • T1078 - Valid Accounts
  • T1046 - Network Service Discovery
Link to MITRE →

Equation

Score: 4.13
Matched TTPs:
  • T1564.005 - Hidden File System
Link to MITRE →

Threat actors related to this Pulse (inference-based)

Kimsuky

Score: 0.70
Matched TTPs:
  • T1587.001 - Malware
  • T1555.003 - Credentials from Web Browsers
  • T1055 - Process Injection
  • T1562.004 - Disable or Modify System Firewall
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1562.001 - Disable or Modify Tools
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1586.002 - Email Accounts
  • T1588.005 - Exploits
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1593.001 - Social Media
  • T1218.005 - Mshta
  • T1534 - Internal Spearphishing
Link to MITRE →

APT41

Score: 0.65
Matched TTPs:
  • T1555.003 - Credentials from Web Browsers
  • T1055 - Process Injection
  • T1213.003 - Code Repositories
  • T1090 - Proxy
  • T1596.005 - Scan Databases
  • T1003.003 - NTDS
  • T1546.008 - Accessibility Features
  • T1083 - File and Directory Discovery
  • T1046 - Network Service Discovery
  • T1190 - Exploit Public-Facing Application
  • T1566.001 - Spearphishing Attachment
  • T1018 - Remote System Discovery
  • T1595.003 - Wordlist Scanning
  • T1486 - Data Encrypted for Impact
  • T1003.002 - Security Account Manager
  • T1078 - Valid Accounts
Link to MITRE →

APT29

Score: 0.62
Matched TTPs:
  • T1587.001 - Malware
  • T1649 - Steal or Forge Authentication Certificates
  • T1573 - Encrypted Channel
  • T1546.008 - Accessibility Features
  • T1665 - Hide Infrastructure
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1566.001 - Spearphishing Attachment
  • T1098.005 - Device Registration
  • T1566.003 - Spearphishing via Service
  • T1218.005 - Mshta
  • T1003.002 - Security Account Manager
  • T1078 - Valid Accounts
Link to MITRE →

Scattered Spider

Score: 0.60
Matched TTPs:
  • T1598.004 - Spearphishing Voice
  • T1213.003 - Code Repositories
  • T1090 - Proxy
  • T1598.003 - Spearphishing Link
  • T1562.001 - Disable or Modify Tools
  • T1003.003 - NTDS
  • T1083 - File and Directory Discovery
  • T1484.002 - Trust Modification
  • T1018 - Remote System Discovery
  • T1538 - Cloud Service Dashboard
  • T1589 - Gather Victim Identity Information
  • T1486 - Data Encrypted for Impact
  • T1078 - Valid Accounts
Link to MITRE →

Magic Hound

Score: 0.60
Matched TTPs:
  • T1573 - Encrypted Channel
  • T1562.004 - Disable or Modify System Firewall
  • T1090 - Proxy
  • T1598.003 - Spearphishing Link
  • T1562.001 - Disable or Modify Tools
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1046 - Network Service Discovery
  • T1586.002 - Email Accounts
  • T1190 - Exploit Public-Facing Application
  • T1018 - Remote System Discovery
  • T1566.003 - Spearphishing via Service
  • T1189 - Drive-by Compromise
  • T1589 - Gather Victim Identity Information
  • T1486 - Data Encrypted for Impact
  • T1027.013 - Encrypted/Encoded File
Link to MITRE →

APT28

Score: 0.57
Matched TTPs:
  • T1550.001 - Application Access Token
  • T1210 - Exploitation of Remote Services
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1091 - Replication Through Removable Media
  • T1083 - File and Directory Discovery
  • T1498 - Network Denial of Service
  • T1003.003 - NTDS
  • T1586.002 - Email Accounts
  • T1566.001 - Spearphishing Attachment
  • T1190 - Exploit Public-Facing Application
  • T1189 - Drive-by Compromise
  • T1027.013 - Encrypted/Encoded File
  • T1078 - Valid Accounts
Link to MITRE →

Sandworm Team

Score: 0.55
Matched TTPs:
  • T1587.001 - Malware
  • T1555.003 - Credentials from Web Browsers
  • T1090 - Proxy
  • T1598.003 - Spearphishing Link
  • T1040 - Network Sniffing
  • T1003.003 - NTDS
  • T1585.002 - Email Accounts
  • T1083 - File and Directory Discovery
  • T1566.001 - Spearphishing Attachment
  • T1608.001 - Upload Malware
  • T1190 - Exploit Public-Facing Application
  • T1499 - Endpoint Denial of Service
  • T1018 - Remote System Discovery
  • T1486 - Data Encrypted for Impact
  • T1078 - Valid Accounts
Link to MITRE →

Related CVEs

No CVEs were found in this Pulse.

Pulse – Threat Actor Graph
