← Back to Actors
Moses Staff
Moses StaffDEV-0500Marigold Sandstorm
[Moses Staff](https://attack.mitre.org/groups/G1009) is a suspected Iranian threat group that has primarily targeted Israeli companies since at least September 2021. [Moses Staff](https://attack.mitre.org/groups/G1009) openly stated their motivation in attacking Israeli companies is to cause damage by leaking stolen sensitive data and encrypting the victim's networks without a ransom demand.(Citation: Checkpoint MosesStaff Nov 2021) Security researchers assess [Moses Staff](https://attack.mitre.org/groups/G1009) is politically motivated, and has targeted government, finance, travel, energy, ...
13
Techniques
13
Covered
0
Gaps
100%
Coverage
Coverage13/13
COVERED (13)
T1016System Network Configuration Discovery39 det.T1021.002SMB/Windows Admin Shares73 det.T1027.013Encrypted/Encoded File8 det.T1082System Information Discovery86 det.T1087.001Local Account33 det.T1105Ingress Tool Transfer183 det.T1190Exploit Public-Facing Application216 det.T1505.003Web Shell63 det.T1553.002Code Signing3 det.T1562.004Disable or Modify System Firewall48 det.T1587.001Malware10 det.T1588.002Tool13 det.T1686.003Windows Host Firewall20 det.