| SYMBOL | COMMON_NAME | aka. SYNONYMS |
CL-STA-1087 is a suspected state-sponsored espionage campaign operating out of China, targeting military organizations in Southeast Asia. The actor has demonstrated operational patience, maintaining dormant access for extended periods while focusing on precision intelligence collection and employing robust operational security measures. Their infrastructure includes the use of a legitimate cloud service for C2 operations, indicating a cloud-native approach. File timestamps and other indicators trace the campaign's activity back to 2020, suggesting a long-running operation.
| 2026-03-12
⋅
Palo Alto Networks Unit 42
⋅
Suspected China-Based Espionage Operation Against Military Targets in Southeast Asia AppleChris CL-STA-1087 |