TT Malware Log

A "personal" investigation, research, and reference log on malware / cyber attacks / analysis techniques

Russian Attack Groups (Summary)


■APT 28
Aliases: Sofacy, Sednit, Pawn Storm, Group 74, Tsar Team, Fancy Bear, Strontium, Swallowtail, SIG40, IRON TWILIGHT
Operations: Russian Doll, Bundestag, TV5 Monde "Cyber Caliphate", EFF Attack, DNC Hack, OpOlympics

◆“In the last year alone Russian hackers have reportedly stolen up to 900 million dollars from banks around the world.” (box, 2015/05/10)

◆Digital Attack on German Parliament: Investigative Report on the Hack of the Left Party Infrastructure in Bundestag (, 2015/06/19)

◆Operation Pawn Storm (Trendmicro)

◆MATRYOSHKA MINING (Mandiant, 2016/01)

◆Bears in the Midst: Intrusion into the Democratic National Committee (Crowdstrike, 2016/06/15)

◆New Sofacy Attacks Against US Government Agency (Unit 42(paloalto), 2016/06/14)

◆Fancy Bears Hack Team (, 2016/09/13)

◆Sofacy’s ‘Komplex’ OS X Trojan (Unit 42(paloalto), 2016/09/26)

◆New ESET research paper puts Sednit under the microscope (Eset, 2016/10/20)

◆Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units (Crowdstrike, 2016/12/22)

◆GRIZZLY STEPPE – Russian Malicious Cyber Activity (US-CERT, 2016/12/29)

◆Enhanced Analysis of GRIZZLY STEPPE Activity (US-CERT, 2017/02/10)

◆“Cyber Conflict” Decoy Document Used In Real Cyber Conflict (Talos(CISCO), 2017/10/22)

◆Russia hackers pursued Putin foes, not just US Democrats (AP News, 2017/11/02)

◆Update on Pawn Storm: New Targets and Politically Motivated Campaigns (Trendmicro, 2018/01/12)

Aliases: Anunak, Carbon Spider, FIN7
Operations: Odinaff

Copyright (C) 谷川哲司 (Tetsuji Tanigawa) 1997 - 2020