| SYMBOL | COMMON_NAME | aka. SYNONYMS |
CL-STA-0043 is a highly skilled and sophisticated threat actor, believed to be a nation-state, targeting governmental entities in the Middle East and Africa. They exploit vulnerabilities in on-premises Internet Information Services and Microsoft Exchange servers to infiltrate target networks. They engage in reconnaissance, locate vital assets, and have been observed using native Windows tools for privilege escalation.
There are currently no families associated with this actor.
| 2024-05-23
⋅
Palo Alto Networks Unit 42
⋅
Operation Diplomatic Specter: An Active Chinese Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia Agent Racoon CHINACHOPPER Ghost RAT JuicyPotato MimiKatz Ntospy PlugX SweetSpecter TunnelSpecter CL-STA-0043 |
| 2023-06-16
⋅
Palo Alto Networks: Cortex Threat Research
⋅
Through the Cortex XDR Lens: Uncovering a New Activity Group Targeting Governments in the Middle East and Africa CHINACHOPPER Ladon Yasso CL-STA-0043 |