EG

Storm-0867Storm-0867

Also known as: DEV-0867 · Storm-0867

Origin
EG
Known aliases
2

Profile

Storm-0867 is a threat actor that has been active since 2012 and has targeted various industries and regions. They employ sophisticated phishing campaigns, utilizing social engineering techniques and a phishing as a service platform called Caffeine. Their attacks involve intercepting and manipulating communication between users and legitimate services, allowing them to steal passwords, hijack sign-in sessions, bypass multifactor authentication, and modify authentication methods.

Aliases· 2

DEV-0867Storm-0867

References

  1. https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/defender-experts-chronicles-a-deep-dive-into-storm-0867/ba-p/3911769

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Storm-1167
Actor
Storm-1286
Actor
Storm-0940
Actor
Storm-0539
Actor
Storm-2372
Actor
Storm-1283
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.