Securonix¤Ï¤³¤Î¤Û¤É¡¢¡ÖResearch Update: Threat Actors Behind the DEV#POPPER Campaign Have Retooled and are Continuing to Target Software Developers via Social Engineering - Securonix¡×¤Ë¤ª¤¤¤Æ¡¢ËÌÄ«Á¯¤Î¥µ¥¤¥Ð¡¼¹¶·â¥­¥ã¥ó¥Ú¡¼¥ó¡ÖDEV#POPPER¡×¤¬¥Ä¡¼¥ë¤ò°ì¿·¤·¤Æ¿Ê²½¤·¤¿¤ÈÊ󤸤¿¡£¤³¤ì¤Ï¡ÖPython¥Ù¡¼¥¹¤Î¥È¥í¥¤¤ÎÌÚÇÏÇÛÉÛ¤¹¤ë¥µ¥¤¥Ð¡¼¹¶·â³Îǧ¡¢ËÌÄ«Á¯´ØÍ¿¤Îµ¿¤¤ | TECH+¡Ê¥Æ¥Ã¥¯¥×¥é¥¹¡Ë¡×¤È¤·¤ÆÊ󤸤¿ËÌÄ«Á¯¤Î¥µ¥¤¥Ð¡¼¹¶·â¥­¥ã¥ó¥Ú¡¼¥ó¤Î³Êó¤È¤Ê¤ë¡£

Research Update: Threat Actors Behind the DEV#POPPER Campaign Have Retooled and are Continuing to Target Software Developers via Social Engineering - Securonix

¡û¥µ¥¤¥Ð¡¼¹¶·â¡ÖDEV#POPPER¡×¤Î¿Ê²½

¡ÖDEV#POPPER¡×¤Ïž¿¦¤ò˾¤à¥½¥Õ¥È¥¦¥§¥¢³«È¯¼Ô¤òɸŪ¤Ë¡¢ºÎÍÑôÅö¼Ô¤òÁõ¤Ã¤¿¶¼°Ò¥¢¥¯¥¿¡¼¤¬µ¶¤ÎÌÌÀܤòÄ̤¸¤Æ¥Þ¥ë¥¦¥§¥¢¤òÇÛÉÛ¤¹¤ë¡£½é´ü¤Î¿¯³²¤Ï½¾Íè¤ÈƱÍͤ˥Ρ¼¥É¥Ñ¥Ã¥±¡¼¥¸¥Þ¥Í¡¼¥¸¥ã¡¼(npm: Node Package Manager)¤Î¥Ñ¥Ã¥±¡¼¥¸¥Õ¥¡¥¤¥ë¤ò»ÈÍѤ¹¤ë¡£Èï³²¼Ô¤¬ºÎÍÑôÅö¼Ô¤ÎÍ×µá¤Ë½¾¤¤¥Ñ¥Ã¥±¡¼¥¸¤ò¼Â¹Ô¤¹¤ë¤È¡¢°­°Õ¤Î¤¢¤ëJavaScript¤¬¼Â¹Ô¤µ¤ì¥Þ¥ë¥¦¥§¥¢¤Ë´¶À÷¤¹¤ë¡£

Securonix¤Ë¤è¤ë¤È¡¢¿·¤·¤¤¥Þ¥ë¥¦¥§¥¢¤Ë¤Ï¼¡¤Î¤è¤¦¤Êµ¡Ç½Äɲ䪤è¤Ó²þÁ±¤¬¤ß¤é¤ì¤ë¤È¤¤¤¦¡£

Ê£¿ô¤Î¥ª¥Ú¥ì¡¼¥Æ¥£¥ó¥°¥·¥¹¥Æ¥à¤ò¥µ¥Ý¡¼¥È

ÆÃÄê¤Î´ð½à¤òËþ¤¿¤¹µ¡Ì©Ê¸½ñ¤ÎÃê½Ð

¼çÍפÊWeb¥Ö¥é¥¦¥¶¤ÎCookie¾ðÊó¤Ê¤É¤òÀà¼è

¥ê¥â¡¼¥È´Æ»ë¤ª¤è¤Ó´ÉÍý(RMM: Remote Monitoring and Management)¥¢¥×¥ê¤Î¡ÖAnyDesk¡×¤ò°­ÍѤ·¤¿±Ê³À­¤Î³ÎÊÝ

FTPµ¡Ç½¤Î¼«Æ°²½¤ª¤è¤Ó¥¹¥Æ¥ë¥¹À­¤Î¸þ¾å

ÆñÆɲ½¤È¥¨¥ó¥³¡¼¥É¤Î¶¯²½

¥¿¡¼¥²¥Ã¥È¤ò¹Ê¤Ã¤¿É¸Åª¤Î°ÌÃÖ¾ðÊó¤Î¼ý½¸

¥¿¡¼¥²¥Ã¥È¤ò¹Ê¤Ã¤¿¥·¥¹¥Æ¥à¾ðÊó¤Î¼ý½¸

Securonix¤ÎÄ´ºº¤Ë¤è¤ë¤È¡¢¤³¤Î¥­¥ã¥ó¥Ú¡¼¥ó¤ÎÈï³²¼Ô¤Ï¼ç¤Ë´Ú¹ñ¡¢ËÌÊÆ¡¢¥è¡¼¥í¥Ã¥Ñ¡¢ÃæÅì¤Î³«È¯¼Ô¤È¤µ¤ì¡¢Èï³²¤ÏÀ¤³¦Ãæ¤Ë³ÈÂ礷¤Æ¤¤¤ë¤È¤¤¤¦¡£

¡ûÂкö

Securonix¤Ï¤³¤Î¤è¤¦¤Ê¹¶·â¤ò²óÈò¤¹¤ë¤¿¤á¤Ë¡¢½¾Íè¤ÎÂкö¤Ë²Ã¤¨¡¢¼¡¤ÎÂкö¤Î¼Â»Ü¤ò¿ä¾©¤·¤Æ¤¤¤ë¡£

¿®Íê¤Ç¤­¤Ê¤¤¥³¡¼¥É¤ä¥¢¥×¥ê¤ò¼Â¹Ô¤¹¤ëɬÍפ¬¤¢¤ë¾ì¹ç¤Ï¡¢²¾ÁÛ¥Þ¥·¥ó¤Þ¤¿¤ÏWindows Sandbox¤ò»ÈÍѤ¹¤ë(»²¹Í¡§¡ÖHow to configure Windows Sandbox - Microsoft Community Hub¡×)

¼«Ê¬¤¬¥½¡¼¥·¥ã¥ë¥¨¥ó¥¸¥Ë¥¢¥ê¥ó¥°¹¶·â¤ÎɸŪ¤Ë¤Ê¤ê¤¦¤ë»ö¼Â¤ò¼«³Ð¤¹¤ë

ËÌÄ«Á¯¤Ë¤è¤ë¥µ¥¤¥Ð¡¼¹¶·â¥­¥ã¥ó¥Ú¡¼¥ó¡ÖDEV#POPPER¡×¤Ïº£¸å¤â·Ñ³¤¹¤ë¤È¿ä¬¤µ¤ì¤Æ¤¤¤ë¡£¤½¤Î¤¿¤á¡¢À¤³¦Ãæ¤Î¥½¥Õ¥È¥¦¥§¥¢³«È¯¼Ô¤Ë¤ÏƱÍͤι¶·â¤Ø¤Î·Ù²ü¤ò·Ñ³¤¹¤ë¤³¤È¤¬Ë¾¤Þ¤ì¤Æ¤¤¤ë¡£