TT Malware Log

A personal investigation and research log on malware, cyber attacks, and analysis techniques

APT37 (Summary)

APT37's targets
Source: https://the01.jp/p0006529/


【Overview】

【Public Information】

◆APT37 (REAPER) (FireEye, 2018/02/21)

The little-known North Korean attack group

https://www2.fireeye.com/rs/848-DID-242/images/rpt-apt37-JP.pdf

◆APT37 (FireEye)
https://www.fireeye.com/current-threats/apt-groups.html


【News】

◆Flash zero-day attacks: APT group "ScarCruft" possibly involved - can be mitigated with EMET (Security NEXT, 2016/06/15)
http://www.security-next.com/070993

◆APT Group Uses Flash Zero-Day to Attack High-Profile Targets (SECURITYWEEK, 2016/06/15)
http://www.securityweek.com/apt-group-uses-flash-zero-day-attack-high-profile-targets

◆Adobe Flash Player 22.0.0.192 release fixes the Flash Player zero-day vulnerability (CVE-2016-4171) exploited by the APT group dubbed ScarCruft. (Security Affairs, 2016/06/19)
http://securityaffairs.co/wordpress/48531/cyber-crime/flash-zero-day-scarcruft.html

◆North Korean hackers belonging to the North Korea Group 123 have conducted at least six different massive malware campaigns during 2017. (Security Affairs, 2018/01/18)
http://securityaffairs.co/wordpress/67895/hacking/north-korea-group-123.html

◆Cisco and FireEye Pointing Finger at North Korea Hacking Group For Adobe Flash 0-Day In The Wild (Security Affairs, 2018/02/05)
http://securityaffairs.co/wordpress/68718/hacking/north-korea-adobe-flash-0day.html

◆THE TOOLSET OF AN ELITE NORTH KOREAN HACKER GROUP ON THE RISE (WIRED, 2018/02/20)
https://www.wired.com/story/north-korean-hacker-group-apt37/

◆North Korean APT Group tracked as APT37 broadens its horizons (Security Affairs, 2018/02/21)
http://securityaffairs.co/wordpress/69339/apt/apt37-broadens-horizons.html

◆North Korea: hacker group possibly attacking Japan in a state-backed operation (Mainichi Shimbun, 2018/02/22)
https://mainichi.jp/articles/20180222/ddm/007/030/070000c


【Blog】

◆CVE-2016-4171 – Adobe Flash Zero-day used in targeted attacks (SecureList, 2016/06/14)
https://securelist.com/cve-2016-4171-adobe-flash-zero-day-used-in-targeted-attacks/75082/

◆Operation Daybreak (SECURELIST, 2016/06/17)

Flash zero-day exploit deployed by the ScarCruft APT Group

https://securelist.com/blog/research/75100/operation-daybreak/

◆North Korean cyber attack group "APT37" becomes more active (THE ZERO/ONE, 2018/03/02)
https://the01.jp/p0006529/


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2017