Incidents attributed to:

Storm-0062

The cyberattack campaign that Microsoft uncovered was launched by a China-linked hacking group called Storm-0062.

The cyberattack campaign that Microsoft uncovered was launched by a China-linked hacking group called Storm-0062. According to the company, the group is launching cyberattacks by exploiting a vulnerability in the Data Center and Server editions of Confluence. Those are versions of the application that companies run on-premises.

Also known as

Oro0lxy, DarkShadow.

References

techcommunity.microsoft.com
sentinelone.com
twitter.com

Actor metadata imported from Malpedia (Fraunhofer FKIE).