Security Articles

Phantom Taurus: A New Chinese Nexus APT and the Discovery of the NET-STAR Malware Suite

Released on 2025-09-30 @ 05:21:27 PM

Phantom Taurus, a newly identified Chinese state-sponsored threat actor, has been conducting espionage operations targeting government and telecommunications organizations across Africa, the Middle East, and Asia. The group's primary focus includes ministries of foreign affairs, embassies, and military operations, with the objective of gathering sensitive information. Phantom Taurus employs distinctive tactics, techniques, and procedures, including a new malware suite called NET-STAR. This suite consists of three web-based backdoors designed to target Internet Information Services (IIS) web servers. The group has recently shifted from targeting emails to directly accessing databases, demonstrating their ability to adapt and evolve their methods. Phantom Taurus' activities align with Chinese strategic interests, and their infrastructure overlaps with other known Chinese APT groups.