ETDA สำนักงานพัฒนาธุรกรรมทางอิเล็กทรอนิกส์
Electronic Transactions Development Agency
Report
Search
Home > List all groups > Operation SLOW#TEMPEST

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link APT group: Operation SLOW#TEMPEST

NamesOperation SLOW#TEMPEST (?)
CountryChina China
MotivationInformation theft and espionage
First seen2024
Description(Securonix) The Securonix Threat Research team has uncovered a covert campaign targeting Chinese-speaking users with Cobalt Strike payloads likely delivered through phishing emails. The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks.
ObservedCountries: China.
Tools usedCobalt Strike, Mimikatz.
Information<https://www.securonix.com/blog/from-cobalt-strike-to-mimikatz-slowtempest/>

Last change to this card: 23 October 2024

Download this actor card in PDF or JSON format

Previous: Operation Silent Skimmer
Next: Operation Spalax

Digital Service Security Center
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1227
E-mail [email protected]