← Back to Actors
Moses Staff
Moses StaffDEV-0500Marigold Sandstorm
[Moses Staff](https://attack.mitre.org/groups/G1009) is a suspected Iranian threat group that has primarily targeted Israeli companies since at least September 2021. [Moses Staff](https://attack.mitre.org/groups/G1009) openly stated their motivation in attacking Israeli companies is to cause damage by leaking stolen sensitive data and encrypting the victim's networks without a ransom demand.(Citation: Checkpoint MosesStaff Nov 2021) Security researchers assess [Moses Staff](https://attack.mitre.org/groups/G1009) is politically motivated, and has targeted government, finance, travel, energy, ...
12
Techniques
12
Covered
0
Gaps
100%
Coverage
Coverage12/12
COVERED (12)
T1016System Network Configuration Discovery35 det.T1021.002SMB/Windows Admin Shares67 det.T1027.013Encrypted/Encoded File7 det.T1082System Information Discovery80 det.T1087.001Local Account32 det.T1105Ingress Tool Transfer170 det.T1190Exploit Public-Facing Application208 det.T1505.003Web Shell57 det.T1553.002Code Signing3 det.T1562.004Disable or Modify System Firewall45 det.T1587.001Malware9 det.T1588.002Tool13 det.