Operation SLOW#TEMPEST

Description

(Securonix) The Securonix Threat Research team has uncovered a covert campaign targeting Chinese-speaking users with Cobalt Strike payloads likely delivered through phishing emails. The attackers managed to move laterally, establish persistence and remain undetected within the systems for more than two weeks.

Names

Name	Name-Giver
Operation SLOW#TEMPEST	?

Country

China

Motivation

Information theft and espionage

First Seen

2024

Observed Countries

China

Tools

Cobalt Strike
Mimikatz

Information

https://www.securonix.com/blog/from-cobalt-strike-to-mimikatz-slowtempest/

Other Information

Uuid

74200598-520d-4bf8-af62-e1fc08587450

Last Card Change

2024-10-23

Threat Intelligence Garden

Explorer

Operation SLOW#TEMPEST

Operation SLOW#TEMPEST

Description

Names

Country

Motivation

First Seen

Observed Countries

Tools

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents