TT Malware Log

A "personal" investigation and research log on malware / cyber attacks / analysis techniques

Threat group: APT34 / OilRig / Pipefish / Greenbug / Helix Kitten / Chrysene / Crambus / Cobalt Gyp

Targeted attack group (Iran), aliases (APT34 / OilRig / Pipefish / Greenbug / Helix Kitten / Chrysene / Crambus / Cobalt Gypsy / Twisted Kitten)

APT34 (Summary)

[Dictionary] ◆APT34 (FireEye) https://www.fireeye.jp/current-threats/apt-groups.html#apt34

Analyzing the APT34’s Jason project

[Blog] ◆Analyzing the APT34’s Jason project (SecurityAffairs, 2019/06/06) https://securityaffairs.co/wordpress/86680/hacking/analyzing-apt34-jason-project.html [Related summary article] ◆APT34 (Summary) https://malware-log.hatenablog.com/entry…

How companies – and the hackers themselves – could respond to the OilRig leak

[News] ◆How companies – and the hackers themselves – could respond to the OilRig leak (CyberScoop, 2019/04/18) https://www.cyberscoop.com/oilrig-leak-iran-telegram-helix-kitten/ [Related summary article] ◆APT34 (Summary) https://malware-log.…

DNS Tunneling in the Wild: Overview of OilRig's DNS Tunneling

[News] ◆DNS Tunneling in the Wild: Overview of OilRig's DNS Tunneling (Paloalto, 2019/04/17 21:00) https://www.paloaltonetworks.jp/company/in-the-news/2019/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling [Related summary article] ◆APT34 (…

Iran's "Chafer" shows heightened activity - targeting the upstream supply chain

[News] ◆Iran's "Chafer" shows heightened activity - targeting the upstream supply chain (Security NEXT, 2018/03/19) http://www.security-next.com/091117 [Related summary article] ◆APT34 (Summary) https://malware-log.hatenablog.com/entry/APT34

Chafer: Latest Attacks Reveal Heightened Ambitions

[News] ◆Chafer: Latest Attacks Reveal Heightened Ambitions (Symantec, 2018/02/28) https://www.symantec.com/blogs/threat-intelligence/chafer-latest-attacks-reveal-heightened-ambitions [Related summary article] ◆APT34 (Summary) https://malware…

OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan

[Blog] ◆OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan (paloalto, 2018/02/23 05:00) https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/ [Related summary article] ◆APT34 (まと…

New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit

[Blog] ◆New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit (FireEye, 2017/12/07) https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.…

IRANIAN HACKERS HAVE BEEN INFILTRATING CRITICAL INFRASTRUCTURE COMPANIES

[News] ◆IRANIAN HACKERS HAVE BEEN INFILTRATING CRITICAL INFRASTRUCTURE COMPANIES (WIRED, 2017/12/07) https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/ [Related summary article] ◆APT34 (Summary) https://mal…

OilRig Deploys “ALMA Communicator” – DNS Tunneling Trojan

[Blog] ◆OilRig Deploys “ALMA Communicator” – DNS Tunneling Trojan (paloalto, 2017/11/08 13:00) https://researchcenter.paloaltonetworks.com/2017/11/unit42-oilrig-deploys-alma-communicator-dns-tunneling-trojan/

The Curious Case of Mia Ash: Fake Persona Lures Middle Eastern Targets

[Overview] COBALT GYPSY (formerly: TG-2889) [Blog] ◆The Curious Case of Mia Ash: Fake Persona Lures Middle Eastern Targets (SecureWorks, 2017/07/27) https://www.secureworks.com/research/the-curious-case-of-mia-ash [Related summary article] ◆APT34 …

OilRig Actors Provide a Glimpse into Development and Testing Efforts

[Figures] Source: https://researchcenter.paloaltonetworks.com/2017/04/unit42-oilrig-actors-provide-glimpse-development-testing-efforts/ [News] ◆OilRig Actors Provide a Glimpse into Development and Testing Efforts (paloalto, 2017/04/27 1…


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019