TT Malware Log

A personal investigation and research log on malware / cyber attacks / analysis techniques

Attacker information

【Blog】

List of hacker groups and cracker collectives (Ichiranya, 2015/08/29)
http://ichiranya.com/computer/007-hacker_cracker_group.php

List of hackers (Ichiranya)
http://ichiranya.com/computer/005-hacker.php


【Public information】

◆APT Groups and Operations (Google)
https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/edit#gid=1864660085

【North Korean hacker groups】

■Lazarus
Aliases: Hidden Cobra, Dark Seoul, Silent Chollima, Hastati, Bureau 121, Whois Hacking Team, Unit 121, NewRomanic Cyber Army Team, Andariel
Operations: Operation Troy, Operation-Blockbuster, Tdrop, Tdrop2, Troy

◆Dissecting Operation Troy: Cyberespionage in South Korea (McAfee)
https://www.mcafee.com/us/resources/white-papers/wp-dissecting-operation-troy.pdf

◆TDrop2 Attacks Suggest Dark Seoul Attackers Return (paloalto, 2015/11/18)
https://researchcenter.paloaltonetworks.com/2015/11/tdrop2-attacks-suggest-dark-seoul-attackers-return/
http://malware-log.hatenablog.com/entry/2015/11/18/000000_2

◆Operation Blockbuster (Novetta)
https://www.operationblockbuster.com/wp-content/uploads/2016/02/Operation-Blockbuster-Report.pdf
http://malware-log.hatenablog.com/entry/2016/02/01/000000

◆HIDDEN COBRA – North Korea’s DDoS Botnet Infrastructure (US-CERT, 2017/06/13)
https://www.us-cert.gov/ncas/alerts/TA17-164A


■Bluenoroff
Position: a subgroup of Lazarus

◆Lazarus Under The Hood (SecureList, 2017/04/03)
https://securelist.com/lazarus-under-the-hood/77908/
https://securelist.com/files/2017/04/Lazarus_Under_The_Hood_PDF_final.pdf
http://malware-log.hatenablog.com/entry/2017/04/03/000000_1


■Kimsuki

◆The “Kimsuky” Operation: A North Korean APT? (SecureList, 2013/09/11 20:10)
https://securelist.com/the-kimsuky-operation-a-north-korean-apt/57915/
http://malware-log.hatenablog.com/entry/2013/09/11/000000_1


■TEMP.Hermit

◆Sony hackers alive and well, say Kaspersky and AlienVault (SC Media, 2016/02/16)
https://www.scmagazine.com/sony-hackers-are-still-hacking-researchers-say/article/528382/


■OnionDog

◆Korean Energy and Transportation Targets Attacked by OnionDog APT (Softpedia News, 2016/03/09 13:30)
http://news.softpedia.com/news/korean-energy-and-transportation-targets-attacked-by-oniondog-apt-501534.shtml
http://malware-log.hatenablog.com/entry/2016/03/09/000000


【Russian hacker groups】


■Carbanak
Aliases: Anunak, Carbon Spider, FIN7
Operations: Odinaff


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2017