TT Malware Log

A "personal" investigation and research log on malware / cyber attacks / analysis techniques

APT34 (Summary)

【Dictionary】

◆APT34 (FireEye)
https://www.fireeye.jp/current-threats/apt-groups.html#apt34

【News】

◆OilRig Actors Provide a Glimpse into Development and Testing Efforts (paloalto, 2017/04/27 13:00)
https://researchcenter.paloaltonetworks.com/2017/04/unit42-oilrig-actors-provide-glimpse-development-testing-efforts/
https://malware-log.hatenablog.com/entry/2017/04/27/000000_9

◆IRANIAN HACKERS HAVE BEEN INFILTRATING CRITICAL INFRASTRUCTURE COMPANIES (WIRED, 2017/12/07)
https://www.wired.com/story/apt-34-iranian-hackers-critical-infrastructure-companies/
https://malware-log.hatenablog.com/entry/2017/12/07/000000_13

◆Chafer: Latest Attacks Reveal Heightened Ambitions (Symantec, 2018/02/28)
https://www.symantec.com/blogs/threat-intelligence/chafer-latest-attacks-reveal-heightened-ambitions
https://malware-log.hatenablog.com/entry/2018/02/28/000000_2

◆Iran's "Chafer" Shows Heightened Activity - Targeting the Upstream Supply Chain (Security NEXT, 2018/03/19)
http://www.security-next.com/091117
https://malware-log.hatenablog.com/entry/2018/03/19/000000_1

◆How companies – and the hackers themselves – could respond to the OilRig leak (CyberScoop, 2019/04/18)
https://www.cyberscoop.com/oilrig-leak-iran-telegram-helix-kitten/
https://malware-log.hatenablog.com/entry/2019/04/18/000000_11

◆DNS Tunneling in the Wild: Overview of OilRig's DNS Tunneling (Paloalto, 2019/04/17 21:00)
https://www.paloaltonetworks.jp/company/in-the-news/2019/dns-tunneling-in-the-wild-overview-of-oilrigs-dns-tunneling
https://malware-log.hatenablog.com/entry/2019/04/17/000000_12


【Blog】

◆The Curious Case of Mia Ash: Fake Persona Lures Middle Eastern Targets (SecureWorks, 2017/07/27)
https://www.secureworks.com/research/the-curious-case-of-mia-ash
https://malware-log.hatenablog.com/entry/2017/07/27/000000_8

◆OilRig Deploys “ALMA Communicator” – DNS Tunneling Trojan (paloalto, 2017/11/08 13:00)
https://researchcenter.paloaltonetworks.com/2017/11/unit42-oilrig-deploys-alma-communicator-dns-tunneling-trojan/
https://malware-log.hatenablog.com/entry/2017/11/08/000000_9

◆New Targeted Attack in the Middle East by APT34, a Suspected Iranian Threat Group, Using CVE-2017-11882 Exploit (FireEye, 2017/12/07)
https://www.fireeye.com/blog/threat-research/2017/12/targeted-attack-in-middle-east-by-apt34.html
https://malware-log.hatenablog.com/entry/2017/12/07/000000_11

◆OopsIE! OilRig Uses ThreeDollars to Deliver New Trojan (paloalto, 2018/02/23 05:00)
https://researchcenter.paloaltonetworks.com/2018/02/unit42-oopsie-oilrig-uses-threedollars-deliver-new-trojan/
https://malware-log.hatenablog.com/entry/2018/02/23/000000_6

◆Analyzing the APT34’s Jason project (SecurityAffairs, 2019/06/06)
https://securityaffairs.co/wordpress/86680/hacking/analyzing-apt34-jason-project.html
https://malware-log.hatenablog.com/entry/2019/06/06/000000_13


【Figures】

[Figure: image not included]
Source: https://researchcenter.paloaltonetworks.com/2017/04/unit42-oilrig-actors-provide-glimpse-development-testing-efforts/


【Related Summary Articles】

◆Iranian Attack Groups (Summary) (TT Malware Log)
http://malware-log.hatenablog.com/entry/iran_attacker


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019