← All Threat Actors
Threat Actor Profile

ShroudedSnooper

No known aliases in database
▲ High Threat
In September 2023, Cisco Talos identified a new malware family that it calls ‘HTTPSnoop’ being deployed against telecommunications providers in the Middle East. They also discovered a sister implant to 'HTTPSnoop,’ that they are naming ‘PipeSnoop,’ which can accept arbitrary shellcode from a named pipe and execute it on the infected endpoint. Based on these findings, the researchers assess with high confidence that both implants belong to a new intrusion set that it named ‘ShroudedSnooper.’
Origin

External Resources

CISA Advisories ↗

Related Intelligence

Hacking the mainframe…

LINK COPIED TO CLIPBOARD