Mustard Tempest

Techniques (MITRE ATT&CK)12

SourceMITRE ATT&CK

Also known as:DEV-0206TA569GOLD PRELUDEUNC1543

Vexday analysis

Mustard Tempest é um grupo de acesso inicial (IAB) que opera a rede de distribuição SocGholish desde pelo menos 2017, sendo rastreado também pelos aliases DEV-0206, TA569, GOLD PRELUDE e UNC1543. O grupo estabeleceu parceria com o Indrik Spider para fornecer acesso que viabiliza o download de malwares adicionais, incluindo LockBit, WastedLocker e ferramentas de acesso remoto. Ao grupo são atribuídas 12 técnicas documentadas no MITRE ATT&CK (identificador G1020).

Techniques (MITRE ATT&CK) 12

How the group operates, mapped to the MITRE ATT&CK matrix and organized by the phases of an attack.

Resource development

Server Malvertising Domains Upload Malware Drive-by Target SEO Poisoning

Initial access

Drive-by Compromise Spearphishing Link

Execution

Malicious Link

Discovery

System Information Discovery

Command and control

Ingress Tool Transfer

stealth

Match Legitimate Resource Name or Location

Exploited vulnerabilities

No CVEs attributed to this group in public sources (MITRE ATT&CK). Absence of attribution does not mean absence of activity.

Mustard Tempest uses real techniques and exploits real flaws. TrueHacking's AI Autonomous Pentest simulates these attacks against your infrastructure and brings more security to your application.

Explore the AI Autonomous Pentest →