
| Names | Operation SLOW#TEMPEST (?) |
| Country | |
| Motivation | Information theft and espionage |
| First seen | 2024 |
| Description | (Securonix) The Securonix Threat Research team has uncovered a covert campaign targeting Chinese-speaking users with Cobalt Strike payloads likely delivered through phishing emails. The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks. |
| Observed | Countries: China. |
| Tools used | Cobalt Strike, Mimikatz. |
| Information | <https://www.securonix.com/blog/from-cobalt-strike-to-mimikatz-slowtempest/> <https://unit42.paloaltonetworks.com/slow-tempest-malware-obfuscation/> |
Last change to this card: 16 August 2025