← Back to Actors
Moses Staff
Moses StaffDEV-0500Marigold Sandstorm
[Moses Staff](https://attack.mitre.org/groups/G1009) is a suspected Iranian threat group that has primarily targeted Israeli companies since at least September 2021. [Moses Staff](https://attack.mitre.org/groups/G1009) openly stated their motivation in attacking Israeli companies is to cause damage by leaking stolen sensitive data and encrypting the victim's networks without a ransom demand.(Citation: Checkpoint MosesStaff Nov 2021) Security researchers assess [Moses Staff](https://attack.mitre.org/groups/G1009) is politically motivated, and has targeted government, finance, travel, energy, ...
13
Techniques
13
Covered
0
Gaps
100%
Coverage
Coverage13/13
COVERED (13)
T1016System Network Configuration Discovery40 det.T1021.002SMB/Windows Admin Shares74 det.T1027.013Encrypted/Encoded File8 det.T1082System Information Discovery86 det.T1087.001Local Account33 det.T1105Ingress Tool Transfer184 det.T1190Exploit Public-Facing Application227 det.T1505.003Web Shell65 det.T1553.002Code Signing4 det.T1562.004Disable or Modify System Firewall48 det.T1587.001Malware10 det.T1588.002Tool13 det.T1686.003Windows Host Firewall20 det.