TT Malware Log

A personal research, study, and reference log on malware / cyber attacks / analysis techniques

Russian Threat Groups (Summary)

[Reference Information]

■APT 28
Aliases: Sofacy, Sednit, Pawn Storm, Group 74, Tsar Team, Fancy Bear, Strontium, Swallowtail, SIG40, IRON TWILIGHT
Operations: Russian Doll, Bundestag, TV5 Monde "Cyber Caliphate", EFF Attack, DNC Hack, OpOlympics

◆“In the last year alone Russian hackers have reportedly stolen up to 900 million dollars from banks around the world.” (box, 2015/05/10)
https://app.box.com/s/g55oxdd3q63hyngbjm4fbipfct94wrye

◆Digital Attack on German Parliament: Investigative Report on the Hack of the Left Party Infrastructure in Bundestag (Netzpolitik.org, 2015/06/19)
https://netzpolitik.org/2015/digital-attack-on-german-parliament-investigative-report-on-the-hack-of-the-left-party-infrastructure-in-bundestag/

◆Operation Pawn Storm (Trendmicro)
https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/htmlview

◆MATRYOSHKA MINING (Mandiant, 2016/01)
https://www2.fireeye.com/rs/848-DID-242/images/wp-mandiant-matryoshka-mining.pdf

◆Bears in the Midst: Intrusion into the Democratic National Committee (Crowdstrike, 2016/06/15)
https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/

◆New Sofacy Attacks Against US Government Agency (Unit 42(paloalto), 2016/06/14)
https://researchcenter.paloaltonetworks.com/2016/06/unit42-new-sofacy-attacks-against-us-government-agency/

◆Fancy Bears Hack Team (fancybear.net, 2016/09/13)
https://fancybear.net/index.html

◆Sofacy’s ‘Komplex’ OS X Trojan (Unit 42(paloalto), 2016/09/26)
https://researchcenter.paloaltonetworks.com/2016/09/unit42-sofacys-komplex-os-x-trojan/

◆New ESET research paper puts Sednit under the microscope (Eset, 2016/10/20)
https://www.welivesecurity.com/2016/10/20/new-eset-research-paper-puts-sednit-under-the-microscope/

◆Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units (Crowdstrike, 2016/12/22)
https://www.crowdstrike.com/blog/danger-close-fancy-bear-tracking-ukrainian-field-artillery-units/

◆GRIZZLY STEPPE – Russian Malicious Cyber Activity (US-CERT, 2016/12/29)
https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf

◆Enhanced Analysis of GRIZZLY STEPPE Activity (US-CERT, 2017/02/10)
https://www.us-cert.gov/sites/default/files/publications/AR-17-20045_Enhanced_Analysis_of_GRIZZLY_STEPPE_Activity.pdf

◆“Cyber Conflict” Decoy Document Used In Real Cyber Conflict (Talos(CISCO), 2017/10/22)
https://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html

◆Russia hackers pursued Putin foes, not just US Democrats (AP News, 2017/11/02)
https://apnews.com/3bca5267d4544508bb523fa0db462cb2?utm_campaign=SocialFlow&utm_source=Twitter&utm_medium=AP

◆Update on Pawn Storm: New Targets and Politically Motivated Campaigns (Trendmicro, 2018/01/12)
https://blog.trendmicro.com/trendlabs-security-intelligence/update-pawn-storm-new-targets-politically-motivated-campaigns/


■Carbanak
Aliases: Anunak, Carbon Spider, FIN7
Operations: Odinaff


Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2019