Home » Roaming Mantis

Roaming Mantis

Roaming Mantis (Chinese intrusion set) is assessed to be a financially motivated group, with a history of targeting developed countries.

Recently, it has been linked to a series of SMS phishing attacks (Smishing) targeting France, Germany and previously Korea, Japan, Taiwan. Its Smishing campaigns target Android-type devices by spreading malware called “Moqhao alias Wroba, Xloader”.

MoqHao (aka Wroba, XLoader for Android) is an Android Remote Access Trojan (RAT) with information-stealing and backdoor capabilities that likely spreads via SMS.

Sekoia.io analysts monitor and track this threat since the beginning of 2022. In a blog post, they describe each step of the ongoing Smishing campaign and share their investigation on Roaming Mantis’ infrastructure.
To learn more, click on this link.

You can consult other topics available in our glossary below: APT31, Turla, Nobelium APT29, Vice Society, Advanced Persistent threat, CTI, XDR, SOAR, SIEM, SOC, EDR, CERT, STIX, IoC.

If you are visiting our website for the first time, know that we are a cybersecurity software publisher. We provide SOC and MSSP teams with a turnkey operational security platform (SOC platform). Through our XDR platformCTI tool and threat intelligence platform, we enable our users to neutralize cyber threats, regardless of the attack surface.

Others Terms


Calisto is a reputed threat actor close to Russia and also known as COLDRIVER.

APT(Advanced Persistent Threat)

APT (Advanced Persistent Threat) is a sophisticated attack on an organization that can take months to identify and remove. It is also used as a term for malware designed to steal information from a targeted organization.

Échangez avec l’équipe

Vous souhaitez en savoir plus sur nos solutions de protection ?
Vous voulez découvrir nos produits de XDR et de CTI ?
Vous avez un projet de cybersécurité dans votre organisation ?
Prenez rendez-vous et rencontrons-nous !

Chat with our team !

Would you like to know more about our solutions ?
Do you want to discover our XDR and CTI products ?
Do you have a cyber security project in your organization ?
Make an appointment and meet us !