TT Malware Log

マルウェア / サイバー攻撃 / 解析技術 に関する個人の調査・研究ログ

Suckfly APT

【ニュース】

◆Suckfly APT (XForce, 2016/06/03)
https://exchange.xforce.ibmcloud.com/collection/Suckfly-APT-aa8af56fd12d25c98fc49ca5341160ab

◆'Suckfly' in the ointment: Chinese APT group steals code-signing certificates (SC Magazine, 2016/03/16)
https://www.scmagazine.com/suckfly-in-the-ointment-chinese-apt-group-steals-code-signing-certificates/article/528968/

◆Suckfly Cyber-Espionage Group Targets Indian Government and Private Companies (Softpedia, 2016/05/18)
http://news.softpedia.com/news/suckfly-cyber-espionage-group-targets-indian-government-and-private-companies-504183.shtml

◆Indian organizations targeted in Suckfly attacks (Symantec, 2016/05/17)
https://www.symantec.com/connect/blogs/indian-organizations-targeted-suckfly-attacks

◆インドの組織を狙う Suckfly (Symantec, 2016/05/19)
https://www.symantec.com/connect/nl/blogs/suckfly-2?page=1

【インディケータ情報】

■使用マルウェア

  • Backdoor.Nidiran (侵入時)
  • HackTool password thief for reconnaissance and lateral movement within victim networks


■使用脆弱性

CVE-2014-6332 OLE における任意のコードを実行される脆弱性

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2017