On May 27 (US time), Zscaler published its analysis "Anatsa Campaign Technical Analysis | ThreatLabz", reporting that it had identified a new cyberattack campaign distributing the Android banking malware "Anatsa" (also known as TeaBot). In this campaign, the malware was reportedly distributed through the official Google Play store, disguised as PDF reader and QR code reader apps.

Anatsa Campaign Technical Analysis | ThreatLabz

○ Malware infection route

This campaign used the technique of distributing harmless PDF reader and QR code reader apps from the official Google Play store. Immediately after installation the app behaves as a harmless app, but it then downloads a malicious payload from the attacker's command and control (C2) server and installs the malware according to the attacker's instructions.

Examples of malicious apps used to distribute the malware (Source: Zscaler)

The malware is installed under the guise of an app update. At that point it asks the user for multiple permissions, including accessibility. Once these permissions are granted, the device is compromised, and credentials and other information are stolen via the official apps of financial institutions.
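The staged pattern described above (a store-installed app installs a second package, which then holds an enabled accessibility service) can be searched for in a device app inventory. The following is an added example, not code from Zscaler's report; the record layout (for instance an MDM export) and all package names are assumptions constructed for illustration.

```python
# Added example: triage one device's app inventory for the dropper chain.
# The record layout and every package name below are constructed.
PLAY_STORE = "com.android.vending"          # Google Play's installer package
TRUSTED_INSTALLERS = {PLAY_STORE}
INSTALL_PERM = "android.permission.REQUEST_INSTALL_PACKAGES"

INVENTORY = [  # constructed sample records
    {"package": "com.example.pdfreader", "installer": PLAY_STORE,
     "permissions": [INSTALL_PERM, "android.permission.INTERNET"],
     "accessibility_enabled": False},
    {"package": "com.example.pdfreader.update",
     "installer": "com.example.pdfreader",
     "permissions": ["android.permission.INTERNET"],
     "accessibility_enabled": True},
    {"package": "com.example.bank", "installer": PLAY_STORE,
     "permissions": ["android.permission.INTERNET"],
     "accessibility_enabled": False},
    {"package": "com.example.screenreader", "installer": PLAY_STORE,
     "permissions": [], "accessibility_enabled": True},
]


def find_dropper_chains(inventory):
    """Return (dropper, payload) package pairs matching the staged pattern."""
    by_package = {app["package"]: app for app in inventory}
    chains = []
    for app in inventory:
        installer = app.get("installer")
        if installer in TRUSTED_INSTALLERS or not app.get("accessibility_enabled"):
            continue  # store-installed, or no accessibility service enabled
        parent = by_package.get(installer)
        if parent is None:
            continue  # installer unknown or no longer present on the device
        # The parent must itself come from the store and be able to
        # request package installation.
        if (parent.get("installer") == PLAY_STORE
                and INSTALL_PERM in parent.get("permissions", [])):
            chains.append((parent["package"], app["package"]))
    return chains


if __name__ == "__main__":
    for dropper, payload in find_dropper_chains(INVENTORY):
        print(f"review: {dropper} (from Play) installed {payload}, "
              "which holds an enabled accessibility service")
```

A legitimate accessibility app installed directly from the store (the constructed `com.example.screenreader` record) is not flagged; only the installer-to-payload chain is.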

○ Impact of the malware and countermeasures

According to Zscaler's analysis, about 40% of the malware distributed through the official store is disguised as apps in the Tools category. Attackers are exploiting the popularity of this category, and in this campaign as well the apps are believed to have been installed more than 70,000 times.

Share of malicious apps by category (Source: Zscaler)

Zscaler recommends adopting a zero trust architecture to strengthen network security. The company has also published the indicators of compromise (IoC) identified during its investigation, and these should be put to use as needed.