Ping
Groups That Use This Software |
||
| ID | Name | References |
|---|---|---|
| G0093 | GALLIUM |
(Citation: Cybereason Soft Cell June 2019) |
| G1001 | HEXANE |
(Citation: ClearSky Siamesekitten August 2021) |
| G0004 | Ke3chang |
(Citation: NCC Group APT15 Alive and Strong) |
|
(Citation: Costa AvosLocker May 2022) |
||
| G0061 | FIN8 |
(Citation: Bitdefender Sardonic Aug 2021) |
| G0059 | Magic Hound |
(Citation: DFIR Phosphorus November 2021) |
| G0019 | Naikon |
(Citation: Baumgartner Naikon 2015) (Citation: Bitdefender Naikon April 2021) |
| G0009 | Deep Panda |
(Citation: Alperovitch 2014) |
| G0102 | Wizard Spider |
(Citation: DHS/CISA Ransomware Targeting Healthcare October 2020) (Citation: DFIR Ryuk in 5 Hours October 2020) (Citation: DFIR Ryuk's Return October 2020) |
| G0096 | APT41 |
(Citation: FireEye APT41 Aug 2019) (Citation: Group IB APT 41 June 2021) |
| G1022 | ToddyCat |
(Citation: Kaspersky ToddyCat Check Logs October 2023) |
| G1017 | Volt Typhoon |
(Citation: CISA AA24-038A PRC Critical Infrastructure February 2024) (Citation: Microsoft Volt Typhoon May 2023) |
|
(Citation: Mandiant APT41) |
||
| G0047 | Gamaredon Group |
(Citation: Symantec Shuckworm January 2022) |
| G0045 | menuPass |
(Citation: FireEye APT10 April 2017) (Citation: PWC Cloud Hopper Technical Annex April 2017) |
References
- Microsoft. (n.d.). Ping. Retrieved April 8, 2016.
- Cybereason Nocturnus. (2019, June 25). Operation Soft Cell: A Worldwide Campaign Against Telecommunications Providers. Retrieved July 18, 2019.
- ClearSky Cyber Security . (2021, August). New Iranian Espionage Campaign By “Siamesekitten” - Lyceum. Retrieved June 6, 2022.
- Smallridge, R. (2018, March 10). APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS. Retrieved April 4, 2018.
- Costa, F. (2022, May 1). RaaS AvosLocker Incident Response Analysis. Retrieved January 11, 2023.
- Budaca, E., et al. (2021, August 25). FIN8 Threat Actor Goes Agile with New Sardonic Backdoor. Retrieved August 9, 2023.
- DFIR Report. (2021, November 15). Exchange Exploit Leads to Domain Wide Ransomware. Retrieved January 5, 2023.
- Baumgartner, K., Golovkin, M.. (2015, May). The MsnMM Campaigns: The Earliest Naikon APT Campaigns. Retrieved April 10, 2019.
- Vrabie, V. (2021, April 23). NAIKON – Traces from a Military Cyber-Espionage Operation. Retrieved June 29, 2021.
- Alperovitch, D. (2014, July 7). Deep in Thought: Chinese Targeting of National Security Think Tanks. Retrieved November 12, 2014.
- The DFIR Report. (2020, October 8). Ryuk’s Return. Retrieved October 9, 2020.
- DHS/CISA. (2020, October 28). Ransomware Activity Targeting the Healthcare and Public Health Sector. Retrieved October 28, 2020.
- The DFIR Report. (2020, October 18). Ryuk in 5 Hours. Retrieved October 19, 2020.
- Fraser, N., et al. (2019, August 7). Double DragonAPT41, a dual espionage and cyber crime operation APT41. Retrieved September 23, 2019.
- Rostovcev, N. (2021, June 10). Big airline heist APT41 likely behind a third-party attack on Air India. Retrieved August 26, 2021.
- Dedola, G. et al. (2023, October 12). ToddyCat: Keep calm and check logs. Retrieved January 3, 2024.
- CISA et al.. (2024, February 7). PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure. Retrieved May 15, 2024.
- Microsoft Threat Intelligence. (2023, May 24). Volt Typhoon targets US critical infrastructure with living-off-the-land techniques. Retrieved July 27, 2023.
- Rufus Brown, Van Ta, Douglas Bienstock, Geoff Ackerman, John Wolfram. (2022, March 8). Does This Look Infected? A Summary of APT41 Targeting U.S. State Governments. Retrieved July 8, 2022.
- Symantec. (2022, January 31). Shuckworm Continues Cyber-Espionage Attacks Against Ukraine. Retrieved February 17, 2022.
- FireEye iSIGHT Intelligence. (2017, April 6). APT10 (MenuPass Group): New Tools, Global Campaign Latest Manifestation of Longstanding Threat. Retrieved June 29, 2017.
- PwC and BAE Systems. (2017, April). Operation Cloud Hopper: Technical Annex. Retrieved April 13, 2017.
Мы используем cookie-файлы, чтобы получить статистику, которая помогает нам улучшить сервис для вас с целью персонализации сервисов и предложений. Вы может прочитать подробнее о cookie-файлах или изменить настройки браузера. Продолжая пользоваться сайтом, вы даёте согласие на использование ваших cookie-файлов и соглашаетесь с Политикой обработки персональных данных.