TT Malware Log

A "personal" investigation and research log on malware / cyber attacks / analysis techniques

Threat group: APT27 / Emissary Panda / Bronze Union / TG-3390 / ZipToken / ARCHERFISH / Iron Tiger

Cyber attack groups

APT27 (Summary)

【Overview】 ■ Group names: APT27 FireEye Emissary Panda CrowdStrike, nccgroup Bronze Union SecureWorks TG-3390 SecureWorks ZipToken ARCHERFISH Iron Tiger Group 35 Cisco TEMP.Hippo LuckyMouse Kaspersky Threat Group-3390 【News】 ◆Threat Group 3390…

RSAC 2019: Bronze Union APT Updates Remote Access Trojans in Fresh Wave of Attacks

【Key points】 ◆In 2018, a China-linked threat group (APT27) returned using updated RATs to launch attacks with malware such as ZxShell, Gh0st RAT and SysUpdate 【Figures】 Source: https://media.threatpost.com/wp-content/uploads/sites/103/2019/02/26160121/bronz…

Kaspersky Lab confirms that the cybercrime group "LuckyMouse" is signing malware with a stolen legitimate digital certificate and using it in attacks

【News】 ◆Kaspersky Lab confirms that the cybercrime group "LuckyMouse" is signing malware with a stolen legitimate digital certificate and using it in attacks (Sankei Shimbun, 2018/09/18 14:44) http://www.sankei.com/economy/news/180918/prl1809180243-n1.html 【Related info…

LuckyMouse Group is back and using a legitimate certificate to sign malware

【Blog】 ◆LuckyMouse Group is back and using a legitimate certificate to sign malware (Kaspersky, 2018/09/10) https://www.kaspersky.com/about/press-releases/2018_luckymouse-group-is-back-and-using-a-legitimate-certificate-to-sign-malware…

LuckyMouse uses malicious NDISProxy Windows driver to target gov't entities

【News】 ◆LuckyMouse uses malicious NDISProxy Windows driver to target gov't entities (ZDNet, 2018/09/10) https://www.zdnet.com/article/luckymouse-targets-govt-entities-through-malicious-ndisproxy-driver/ 【Summary】 ◆APT27 (Summary) htt…

Chinese Hackers Carried Out Country-Level Watering Hole Attack

【Blog】 ◆Chinese Hackers Carried Out Country-Level Watering Hole Attack (The Hacker News, 2018/06/14) https://thehackernews.com/2018/06/chinese-watering-hole-attack.html

LuckyMouse hits national data center to organize country-level waterholing campaign

【Blog】 ◆LuckyMouse hits national data center to organize country-level waterholing campaign (Kaspersky, 2018/06/13 10:00) https://securelist.com/luckymouse-hits-national-data-center/86083/ 【Related summary articles】 ◆APT27 (Summary) http://malw…

Emissary Panda – A potential new malicious tool Introduction

【Blog】 ◆Emissary Panda – A potential new malicious tool Introduction (nccgroup, 2018/05/18) https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/may/emissary-panda-a-potential-new-malicious-tool/

Decoding network data from a Gh0st RAT variant

【Blog】 ◆Decoding network data from a Gh0st RAT variant (nccgroup, 2018/04/17) https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/april/decoding-network-data-from-a-gh0st-rat-variant/ 【Summary】 ◆APT27 (Summary) http:/…

BRONZE UNION Cyberespionage Persists Despite Disclosures

【Blog】 ◆BRONZE UNION Cyberespionage Persists Despite Disclosures (SecureWorks, 2017/06/27) https://www.secureworks.com/research/bronze-union 【Related summary articles】 ◆APT17 (Summary) http://malware-log.hatenablog.com/entry/APT27

ThreatConnect identifies Chinese targeting of two companies. Economic espionage or military intelligence?

【Blog】 ◆ThreatConnect identifies Chinese targeting of two companies. Economic espionage or military intelligence? (ThreatConnect, 2016/10/17) https://www.threatconnect.com/blog/threatconnect-discovers-chinese-apt-activity-in-europe/

Newly discovered Chinese hacking group hacked 100+ websites to use as “watering holes”

【Blog】 ◆Newly discovered Chinese hacking group hacked 100+ websites to use as “watering holes” (Ars Technica, 2015/08/06 04:00) Emissary Panda group penetrated the networks of industrial espionage targets. https://arstechnica.com/infor…

Threat Group 3390 Cyberespionage

【News】 ◆Threat Group 3390 Cyberespionage (Secureworks, 2015/08/05) https://www.secureworks.com/research/threat-group-3390-targets-organizations-for-cyberespionage ⇒ http://malware-log.hatenablog.com/entry/APT27

REGIONAL ADVANCED THREAT REPORT

【Public information】 ◆REGIONAL ADVANCED THREAT REPORT: Europe, Middle East and Africa 1H2015 (FireEye, 2015) https://www.fireeye.com/content/dam/fireeye-www/partners/pdfs/rpt-regional-atr-emea-web-bt.pdf 【Related summary articles】 ◆APT10 / MenuPass (Summary)…


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019