 |
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
|
สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์ Electronic Transactions Development Agency |
APT group: Operation SLOW#TEMPEST| Names | Operation SLOW#TEMPEST (?) | |
| Country |  China | |
| Motivation | Information theft and espionage | |
| First seen | 2024 | |
| Description | (Securonix) The Securonix Threat Research team has uncovered a covert campaign targeting Chinese-speaking users with Cobalt Strike payloads likely delivered through phishing emails. The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks. | |
| Observed | Countries: China. | |
| Tools used | Cobalt Strike, Mimikatz. | |
| Information | <https://www.securonix.com/blog/from-cobalt-strike-to-mimikatz-slowtempest/> | |
Last change to this card: 23 October 2024
|
Digital Service Security Center Follow us on
|
Report incidents |
|
 |
+66 (0)2-123-1227 | |
 |
[email protected] | |