Uptime Hamster: 15d 7h 57mDeploy: 13 Jul 2026 08:04Updated: 2026-07-05
Logo del actor de amenaza Storm-2949

Storm-2949

0 incidentes 0 paises 0 sectores apt Ultimo: -
Ver en IntelTracker → APTTrail →
Storm-2949 is a threat actor first identified in 2026 that conducts multi-phase, identity-driven cloud breach campaigns, primarily targeting Microsoft 365 and Azure environments. The group's primary motivation is corporate espionage through the exfiltration of sensitive data from high-value organizational assets. What distinguishes Storm-2949 is its method of operation, which largely forgoes traditional malware and zero-day exploits in favor of abusing legitimate cloud features, built-in administrative tools, and identity services to achieve control-plane and data-plane access. This approach allows their activities to blend into normal administrative behavior, making detection challenging.

Actores similares

stormousransomware · 177crimson-sandstormactor · 1Storm-1811actor · 1Storm-0501apt · 1Dust Stormapt · 1storm-cloudactor · 1unc1549-crimson-sandstormactor · 1smoke-sandstorm-cuboid-saactor · 1Storm-0324apt · 0Storm-2372apt · 0
Tipo
apt
Pais origen
-
Motivacion
-
Impacto
7
Actualizado
Thu, 04 Ju