【Reference Information】
■APT 28
Aliases: Sofacy, Sednit, Pawn Storm, Group 74, Tsar Team, Fancy Bear, Strontium, Swallowtail, SIG40, IRON TWILIGHT
Operations: Russian Doll, Bundestag, TV5 Monde "Cyber Caliphate", EFF Attack, DNC Hack, OpOlympics
◆“In the last year alone Russian hackers have reportedly stolen up to 900 million dollars from banks around the world.” (box, 2015/05/10)
https://app.box.com/s/g55oxdd3q63hyngbjm4fbipfct94wrye
◆Digital Attack on German Parliament: Investigative Report on the Hack of the Left Party Infrastructure in Bundestag (Netzpolitik.org, 2015/06/19)
https://netzpolitik.org/2015/digital-attack-on-german-parliament-investigative-report-on-the-hack-of-the-left-party-infrastructure-in-bundestag/
◆Operation Pawn Storm (Trend Micro)
https://docs.google.com/spreadsheets/d/1H9_xaxQHpWaa4O_Son4Gx0YOIzlcBWMsdvePFX68EKU/htmlview
◆MATRYOSHKA MINING (Mandiant, 2016/01)
https://www2.fireeye.com/rs/848-DID-242/images/wp-mandiant-matryoshka-mining.pdf
◆Bears in the Midst: Intrusion into the Democratic National Committee (CrowdStrike, 2016/06/15)
https://www.crowdstrike.com/blog/bears-midst-intrusion-democratic-national-committee/
◆New Sofacy Attacks Against US Government Agency (Unit 42 (Palo Alto Networks), 2016/06/14)
https://researchcenter.paloaltonetworks.com/2016/06/unit42-new-sofacy-attacks-against-us-government-agency/
◆Fancy Bears Hack Team (fancybear.net, 2016/09/13)
https://fancybear.net/index.html
◆Sofacy’s ‘Komplex’ OS X Trojan (Unit 42 (Palo Alto Networks), 2016/09/26)
https://researchcenter.paloaltonetworks.com/2016/09/unit42-sofacys-komplex-os-x-trojan/
◆New ESET research paper puts Sednit under the microscope (ESET, 2016/10/20)
https://www.welivesecurity.com/2016/10/20/new-eset-research-paper-puts-sednit-under-the-microscope/
◆Danger Close: Fancy Bear Tracking of Ukrainian Field Artillery Units (CrowdStrike, 2016/12/22)
https://www.crowdstrike.com/blog/danger-close-fancy-bear-tracking-ukrainian-field-artillery-units/
◆GRIZZLY STEPPE – Russian Malicious Cyber Activity (US-CERT, 2016/12/29)
https://www.us-cert.gov/sites/default/files/publications/JAR_16-20296A_GRIZZLY%20STEPPE-2016-1229.pdf
◆Enhanced Analysis of GRIZZLY STEPPE Activity (US-CERT, 2017/02/10)
https://www.us-cert.gov/sites/default/files/publications/AR-17-20045_Enhanced_Analysis_of_GRIZZLY_STEPPE_Activity.pdf
◆“Cyber Conflict” Decoy Document Used In Real Cyber Conflict (Talos (Cisco), 2017/10/22)
https://blog.talosintelligence.com/2017/10/cyber-conflict-decoy-document.html
◆Russia hackers pursued Putin foes, not just US Democrats (AP News, 2017/11/02)
https://apnews.com/3bca5267d4544508bb523fa0db462cb2?utm_campaign=SocialFlow&utm_source=Twitter&utm_medium=AP
◆Update on Pawn Storm: New Targets and Politically Motivated Campaigns (Trend Micro, 2018/01/12)
https://blog.trendmicro.com/trendlabs-security-intelligence/update-pawn-storm-new-targets-politically-motivated-campaigns/
■Carbanak
Aliases: Anunak, Carbon Spider, FIN7
Operations: Odinaff