Storm Cloud
0 incidentes
0 paises
0 sectores
apt CN Ultimo: -
Aliases: como Holy Water, Godlike12, SweetAlerts, Strategic web compromise (watering hole), Holy Water, Holy Water sugiere una tradición de actividades persistentes
Storm Cloud is a threat actor identified in 2020, known for conducting highly targeted cyber espionage operations. This group is assessed to be affiliated with China and primarily focuses on government entities, defense organizations, and the aerospace sector. Their core motivation is cyber espionage, aiming to exfiltrate sensitive data and intellectual property. The group is characterized by its use of custom malware, personalized spear-phishing campaigns, and the exploitation of zero-day vulnerabilities. Notably, Storm Cloud was observed targeting the Tibetan community through fake Flash campaigns. It is important to differentiate 'Storm Cloud' from other threat actors designated by Microsoft using the 'Storm-####' naming convention, such as Storm-0501 (a financially motivated ransomware group) or Storm-0558 (another China-linked cyber espionage group with distinct TTPs), as 'Storm Cloud' is not an alias for these groups.
Sectores objetivo (SOCRadar)
Public AdministrationSpace & DefenseManagement, Scientific, and Technical Consulting ServicesGrantmaking and Giving Services