中国相关团体Phantom Taurus自2022年以来一直以全球政府和国防实体为目标, 使用隐形恶意软件窃取敏感数据。 A China-linked group, Phantom Taurus, has targeted government and defense entities worldwide since 2022 using stealthy malware to steal sensitive data.

至少自2022年以来,一个与中国有联系的名为“幻影金牛座”的网络团体一直积极以亚洲、非洲和中东的政府、国防和外交实体为目标,使用名为“NET-STAR”的“网络恶意软件”的定制软件“NET-STAR”来破坏IIS网络服务器。 A China-linked cyber group called Phantom Taurus has been actively targeting government, defense, and diplomatic entities across Asia, Africa, and the Middle East since at least 2022, using custom .NET malware named NET-STAR to compromise IIS web servers. 该团体(又称 " 外交间谍行动 " )采用隐形战术,如无档案处决和逃生工具,以避免被发现,利用微软交换系统等系统中的脆弱性。 The group, also known as Operation Diplomatic Specter, employs stealthy tactics like fileless execution and evasion tools to avoid detection, exploiting vulnerabilities in systems like Microsoft Exchange. 它已从电子邮件攻击转向直接从数据库中提取数据,重点是阿富汗和巴基斯坦等国家的敏感信息。 It has shifted from email attacks to directly extracting data from databases, focusing on sensitive information from nations including Afghanistan and Pakistan. 虽然确切的感染方法尚不清楚,但其活动与重大全球事件和中国的战略利益相一致。 While the exact infection methods remain unclear, its activities align with major global events and Chinese strategic interests.