게시판 즐겨찾기
편집
드래그 앤 드롭으로
즐겨찾기 아이콘 위치 수정이 가능합니다.
국정원의 해킹프로그램 활동내역 중 일부.
게시물ID : computer_250211짧은주소 복사하기
작성자 : 평정컴퓨터
추천 : 5
조회수 : 1209회
댓글수 : 2개
등록시간 : 2015/07/09 11:17:51
옵션
  • 펌글
전문의 기관코드 SKA가 한국의 5163 Army Division입니다.

SKA의 해킹 시도 횟수, 받아낸 자료 수, 성공한 횟수
 

2015_01_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
...
SKA,"Android browser (hosted)",40,12,2
SKA,"Internet Explorer (Hosted)",8,3,3
SKA,"PowerPoint presentation",5,4,3
SKA,"Word document",5,4,2
...
ALL,TOTAL,183,71,37

2015_02_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
...
SKA,SKA-iehosted,2,0,0
SKA,"Android browser (hosted)",41,11,4
SKA,"Internet Explorer (Hosted)",7,6,5
...
ALL,TOTAL,130,40,15

2015_03_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
...
SKA,"Android browser (hosted)",48,4,0
SKA,"Internet Explorer (Hosted)",8,0,0
...
ALL,TOTAL,92,11,2

2015_04_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
...
SKA,"Android browser (hosted)",32,3,0
SKA,"PowerPoint presentation",5,2,1
SKA,"Word document",5,3,3
...
ALL,TOTAL,101,19,9

2015_05_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
..
SKA,"Android browser (hosted)",13,6,0
SKA,"PowerPoint presentation",2,0,0
SKA,"Word document",2,0,0
..
ALL,TOTAL,110,47,26


전문
___________________________
Hi,

As promised, I'm getting back to you with some usage statistics collected from the EDN.
I've generated usage reports for the year 2015 (January to May). Since you are interested in the exploit usage trend over the months, for each month you will find two files:

* 2015_XX_by_customer.csv : For each customer, how many exploits for each type did the customer request, how many of those were actually downloaded and how many did actually install the agent.
* 2015_XX_by_type.csv : Summary of usage for each exploit.

All files are in csv format, which should be very easy to import into any office suite, spreadsheet and graphing software. The meaning of each field is as follows:

Exploit type: The name of the exploit.
Requested: How many exploit instances have been requested by the customer and were deployed.
Downloaded: How many exploit instances have been visited and downloaded. Please note that if an instance was visited with the wrong browser or operating system (e.g., if you attempt to access an Android exploit from a Windows system) it won't be counted as downloaded.
Succeeded: How many exploit instances actually led to agent installation on the target system. Please note that this is an estimate; the EDN system cannot detect for sure whether or not an agent was correctly installed since only the customer can know that.

Ciao,
Luca
________________________

Attached was a zip from which the following data origins. The according client codes can be found in:

/Amministrazione/01 - CLIENTI/5 - Analisi Fatturato/2014/Client Overview 2014/Client Overview_list_20141231.xlsx  

and

/Amministrazione/01 - CLIENTI/5 - Analisi Fatturato/2015/02 - Client Overview 2015/Client Overview_list_20150603.xlsx

(listed below)
________________________
2015_01_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
ARIEL-PROD,"Internet Explorer (Hosted)",3,0,0
ARIEL-PROD,"Word document",2,1,0
CSH-PA,"Android browser (hosted)",6,3,0
CSH-PA,"Word document",3,1,0
FAE-FURLAN,"Internet Explorer (Hosted)",3,1,1
FAE-FURLAN,"Word document",3,1,1
FAE-INVERNIZZI,"Android browser (hosted)",3,1,1
FAE-MARTINEZ,"Android browser (hosted)",1,0,0
FAE-MARTINEZ,"Word document",4,0,0
FAE-SOLIS,"Android browser (hosted)",4,1,1
FAE-SOLIS,"Internet Explorer (Hosted)",3,3,1
FAE-WOON,"Internet Explorer (Hosted)",16,14,7
FAE-WOON,"PowerPoint presentation",17,3,2
FAE-WOON,"Word document",16,12,8
NSS,"Internet Explorer (Hosted)",1,1,0
NSS,"Internet Explorer (HTML)",4,0,0
PHANTOM,"Android browser (hosted)",3,0,0
PHANTOM,"Internet Explorer (Hosted)",1,0,0
PHOEBE-PROD,"Android browser (hosted)",1,0,0
ROS-PROD,"Android browser (hosted)",6,0,0
ROS-PROD,"Android browser (HTML)",6,1,1
SEGOB,"Word document",1,0,0
SEPYF,"Word document",6,4,4
SIO-PROD,"Word document",1,1,0
SKA,"Android browser (hosted)",40,12,2
SKA,"Internet Explorer (Hosted)",8,3,3
SKA,"PowerPoint presentation",5,4,3
SKA,"Word document",5,4,2
UZC,"Internet Explorer (Hosted)",4,0,0
UZC,"PowerPoint presentation",3,0,0
UZC,"Word document",4,0,0
ALL,TOTAL,183,71,37

2015_02_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
ARIEL-PROD,"Android browser (hosted)",11,1,0
ARIEL-PROD,"Word document",1,0,0
CIS,"Android browser (hosted)",2,2,0
CIS,"Internet Explorer (Hosted)",1,1,0
CSH-PA,"Android browser (hosted)",2,1,0
CSH-PA,"Word document",3,1,0
GEDP,"Word document",2,0,0
JASMINE,"Word document",3,1,1
MDNP,"Android browser (hosted)",2,0,0
SEGOB,"Word document",1,1,1
SEPYF,"Internet Explorer (Hosted)",10,5,1
SEPYF,"Word document",21,2,2
SKA,SKA-iehosted,2,0,0
SKA,"Android browser (hosted)",41,11,4
SKA,"Internet Explorer (Hosted)",7,6,5
UZC,"Word document",3,0,0
YUKI,"Android browser (hosted)",16,6,0
ZUEGG,"Internet Explorer (HTML)",1,1,0
ZUEGG,"Word document",1,1,1
ALL,TOTAL,130,40,15

2015_03_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
ARIEL-PROD,"Android browser (hosted)",9,0,0
CIS,"Word document",1,0,0
CSDN-01,"Word document",1,1,1
CSH-PA,"Android browser (hosted)",5,1,0
CSH-PA,"Internet Explorer (Hosted)",1,1,0
CSH-PA,"Word document",1,0,0
FAE-FURLAN,"Internet Explorer (Hosted)",2,1,0
JASMINE,"Internet Explorer (Hosted)",1,0,0
JASMINE,"Word document",1,1,0
ORF,"Android browser (hosted)",2,0,0
PHANTOM,"Android browser (hosted)",3,0,0
SEPYF,"Internet Explorer (Hosted)",1,1,1
SEPYF,"Word document",7,0,0
SKA,"Android browser (hosted)",48,4,0
SKA,"Internet Explorer (Hosted)",8,0,0
ZUEGG,"Android browser (hosted)",1,1,0
ALL,TOTAL,92,11,2

2015_04_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
ARIEL-PROD,"Android browser (hosted)",5,0,0
CSDN-01,"Internet Explorer (Hosted)",2,1,1
CSDN-01,"Word document",2,2,1
CSH-PA,"Android browser (hosted)",1,0,0
ORF,"Android browser (hosted)",1,0,0
ORF,"Word document",7,3,1
PHANTOM,"Android browser (hosted)",3,0,0
ROS-PROD,"Android browser (HTML)",20,3,2
SEPYF,"Word document",2,0,0
SKA,"Android browser (hosted)",32,3,0
SKA,"PowerPoint presentation",5,2,1
SKA,"Word document",5,3,3
UZC,"PowerPoint presentation",1,0,0
UZC,"Word document",5,0,0
VIKIS,"Word document",10,2,0
ALL,TOTAL,101,19,9

2015_05_by_customer.csv
Customer,"Exploit type",Requested,Downloaded,Succeeded
ARIEL-PROD,"Android browser (hosted)",8,1,0
ARIEL-PROD,"Multibrowser (hosted)",8,8,8
ARIEL-PROD,"Multibrowser (HTML)",1,1,1
ARIEL-PROD,"Word document",6,4,2
BRENDA,"Android browser (hosted)",6,0,0
CSH-PA,"Android browser (hosted)",2,2,0
FAE-INVERNIZZI,"Android browser (hosted)",1,1,1
GEDP,"Word document",10,4,2
INTECH-CONDOR,"Multibrowser (hosted)",4,0,0
KNB,"Word document",5,1,0
MDNP,"PowerPoint presentation",1,0,0
SEPYF,"PowerPoint presentation",2,1,1
SEPYF,"Word document",4,1,1
SKA,"Android browser (hosted)",13,6,0
SKA,"PowerPoint presentation",2,0,0
SKA,"Word document",2,0,0
TCC-GID,"Word document",1,0,0
UZC,"Multibrowser (hosted)",8,6,5
UZC,"Word document",8,3,2
VIKIS,"Word document",18,8,3
ALL,TOTAL,110,47,26

_________________________________________

Client codes from /Amministrazione/01 - CLIENTI/5 - Analisi Fatturato/2015/02 - Client Overview 2015/Client Overview_list_20150603.xlsx

PP Polizia Postale Italy
CNI / CNI-old, Prod, Test CNI Spain
IDA IDA SGP Singapore
MKIH Information Office Hungary
CSDN CSDN Morocco
CSH Italy - DA - Rental Italy
MACC MACC Malaysia
PCIT PCM Italy
SSNS SSNS - Ungheria Hungary
ROS CC - Italy Italy
GIP GIP Saudi Saudi
INTECH-CONDOR IR Authorities (Condor) Luxemburg
SEGOB La Dependencia y/o Cisen Mexico
UZC UZC Czech Rep. 
GNSE Egypt - MOD Egypt
PHOEBE 1phoebe-01, -02, -03, Test FBI USA
ORF Oman - Intelligence Oman
PANP President Security Panama
TNP Turkish National Police Turkey
MOI UAE - MOI UAE
NSS NSS Uzbekistan
DOD DOD USA
BSGO Bayelsa State Government Nigeria
PGJ MEX Estado del Mexico Mexico
INSA Information Network Security Agency Ethiopia
INTECH-FALCON State security (Falcon) Luxemburg
SIO Italy - DA - Rental Italy
MYMI MAL - MI Malaysia
AlFahad Morocco - DST Morocco
NISS01-02 NISS - National Intelligence and Security Services Sudan
KVANT Russia - KVANT Russia
TCC-GID Saudi  - GID Saudi
KNB SIS of NSC Kazakistan
SKA The 5163 Army Division S. Korea
UAEAF UAE - Intelligence UAE
KATIE-1 DEA USA
CBA CBA Poland Poland
MOD MOD Saudi Saudi
PMO PMO Malaysia
EDQ Estado de Qeretaro Mexico
AZSN Azerbajan NS Adjerbaijan NSS
GEDP Governo de Puebla Mexico
SDUC Governo de Campeche Mexico
MOACA AC Mongolia Mongolia
THDOC Dept. of Correction Thai Police Thailand
SENAIN SENAIN Ecuador
MDNP DIPOL Colombia
SCICO Guardia di Finanza Italy
CIS Intelligence Cyprus
BHR Midworld Barhein Bahrein
PEMEX Mexico - pemx Mexico 
Malysia K Malaysia
HON Honduras Honduras
SSPT Mex Taumalipas Mexico
SEPYF Sec. De Planeacion y Finanzas Mexico
ARIEL AREA Italia
YUKI Mexico Yucatan Mexico
DUSTIN Mexico Durango Mexico
PHANTOM DIE Chile Chile
JASMINE Jalisco Mexico Mexico
TIKIT Royal Thai Army Thailand
VIKYS Vietnam GD5 Vietnam
ZUEGG Kantonspolizei Zurich Switzerland
VIRNA Vietnam GD1 Vietnam
TREVOR Egypt TRD GNSE Egypt
LIVIA Lebanon Army Forces Lebanon
BRENDA Brasil PF Brasil
PF MEX Policia Federal Mexico Mexico
ATI Resi Informatica Tunisia
MXNV Navy Mexico
PN Policia Federal Spain
CUSAEM CUSAEM Mexico
AFP AFP Australia
RCSSPA Italy - DA - Rental Italy
출처 Hacked_Team leak in an email correspondence from Luca Guerra: /mail3/l.guerra.pst.
전체 추천리스트 보기
새로운 댓글이 없습니다.
새로운 댓글 확인하기
글쓰기
◀뒤로가기
PC버전
맨위로▲
공지 운영 자료창고 청소년보호