Uptime Hamster: 16d 8h 40mDeploy: 14 Jul 2026 21:26Updated: 2026-07-14
Logo del actor de amenaza Phlox Tempest

Phlox Tempest

0 incidentes 0 paises 0 sectores apt IL Ultimo: -
Aliases: DEV-0796
Ver en IntelTracker → APTTrail →
Phlox Tempest is a sophisticated cyber threat actor employing advanced persistent threat (APT) techniques, primarily targeting critical infrastructure sectors. The group distinguishes itself through extensive reconnaissance and the use of custom malware in its operations. Their primary motivation is assessed to be espionage or disruption, rather than financial gain. The group is suspected with moderate confidence to be state-sponsored, originating from Israel. While the name Phlox Tempest appears in public reporting for a click-fraud operation, the actor described here is distinct and focused on high-value targets, utilizing methods consistent with nation-state objectives. No significant evolution in their structure or model has been publicly reported beyond their consistent APT approach.

Aliases del actor

DEV-0796

Actores similares

devmanransomware · 184Network Devicesactor · 1Compromise Software Dependencies and Development Toolsactor · 1Device Driver Discoveryactor · 1Cinnamon Tempestactor · 1Mustard Tempestapt · 1CS FQL: 32. Detect Data Exfiltration via external storage devicesactor · 1dev-0322actor · 1dev-0343actor · 1weredevilsactor · 1
Tecnicas MITRE
T1566.001, T1071.001, T1059.003, T1003.001
Tipo
apt
Pais origen
IL
Motivacion
-
Impacto
4
Actualizado
Sat, 03 Fe

Sectores objetivo (SOCRadar)

Energy & Utilities HealthCare & Social AssistancePublic Administration