| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Storm-0867 is a threat actor that has been active since 2012 and has targeted various industries and regions. They employ sophisticated phishing campaigns, utilizing social engineering techniques and a phishing as a service platform called Caffeine. Their attacks involve intercepting and manipulating communication between users and legitimate services, allowing them to steal passwords, hijack sign-in sessions, bypass multifactor authentication, and modify authentication methods.
There are currently no families associated with this actor.
| 2023-08-28
⋅
Microsoft
⋅
Defender Experts Chronicles: A Deep Dive into Storm-0867 Storm-0867 |