SYMBOL | COMMON_NAME | aka. SYNONYMS |
In September 2023, Cisco Talos identified a new malware family that it calls ‘HTTPSnoop’ being deployed against telecommunications providers in the Middle East. They also discovered a sister implant to 'HTTPSnoop,’ that they are naming ‘PipeSnoop,’ which can accept arbitrary shellcode from a named pipe and execute it on the infected endpoint. Based on these findings, the researchers assess with high confidence that both implants belong to a new intrusion set that it named ‘ShroudedSnooper.’
There are currently no families associated with this actor.
2023-10-24
⋅
Sentinel LABS
⋅
The Israel-Hamas War | Cyber Domain State-Sponsored Activity of Interest ShroudedSnooper |
2023-09-19
⋅
Cisco Talos
⋅
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants HTTPSnoop PipeSnoop LightBasin ShroudedSnooper |