The Reveal Platform
Intel Name: Phantom taurus: a new chinese nexus apt and the discovery of the net-star malware suite
Date of Scan: October 1, 2025
Impact: Medium
Summary: Phantom Taurus is a newly identified Chinese nation-state APT group focused on espionage. Active for over two years, it targets government and telecom sectors in Africa, the Middle East, and Asia, especially ministries, embassies, and military operations. Known for its stealth and adaptive TTPs, the group uses a custom malware tool called NET-STAR. Initially tracked as a temporary cluster, it was later confirmed as a distinct threat actor linked to PRC state interests.
