Threat Actor Profile
High APT
Description

APT-C-23is a threat group that has been active since at least 2014.[1]APT-C-23has primarily focused its operations on the Middle East, including Israeli military assets.APT-C-23has developed mobile spyware targeting Android and iOS devices since 2017.[2]

Confidence Score
100%
Tags
mitre-attack crawled web-source mitre-group
First Seen

Unknown

Last Updated

April 29, 2026
18 hours, 44 minutes ago

Active Status
Active
Created

April 29, 2026

MITRE ATT&CK Techniques (unmapped)
T1655
No matching TTP object yet
T1660
No matching TTP object yet
T1422
No matching TTP object yet
Indicators of Compromise

Loading IOCs…

IOC KQL for Sentinel
STIX Data 
{'aliases': [],
 'description': 'APT-C-23is a threat group that has been active since at least '
                '2014.[1]APT-C-23has primarily focused its operations on the '
                'Middle East, including Israeli military assets.APT-C-23has '
                'developed mobile spyware targeting Android and iOS devices '
                'since 2017.[2]',
 'external_references': [{'external_id': 'G1028',
                          'source_name': 'mitre-attack',
                          'url': 'https://attack.mitre.org/groups/G1028/'}],
 'id': 'threat-actor--G1028',
 'metadata': {'crawled_at': '2026-04-29T14:32:28.767518+00:00',
              'mitre_group_id': 'G1028',
              'page_title': 'APT-C-23, Mantis, Arid Viper, Desert Falcon, '
                            'TAG-63, Grey Karkadann, Big Bang APT, Two-tailed '
                            'Scorpion, Group G1028 | MITRE ATT&CK®'},
 'name': 'APT-C-23',
 'type': 'threat-actor'}
Quick Actions
Back to Threat Actors
Dashboard Home