[threat-actors] Add Starry Addax

clusters/threat-actor.json

@@ -15632,6 +15632,16 @@
       },
       "uuid": "edd85e27-9d05-4bc7-9b2b-5422e909336a",
       "value": "Earth Hundun"
+    },
+    {
+      "description": "Starry Addax is a threat actor targeting human rights activists associated with the Sahrawi Arab Democratic Republic using a novel mobile malware called FlexStarling. They conduct phishing attacks to trick targets into installing malicious Android applications and serve credential-harvesting pages to Windows-based targets. Their infrastructure targets both Windows and Android users, with the campaign starting with spear-phishing emails containing requests to install specific mobile apps or related themes. The campaign is in its early stages, with potential for additional malware variants and infrastructure development.",
+      "meta": {
+        "refs": [
+          "https://blog.talosintelligence.com/starry-addax/"
+        ]
+      },
+      "uuid": "579fde0d-0840-4e49-ad62-405ce338f5a6",
+      "value": "Starry Addax"
     }
   ],
   "version": 305