TEMP_Heretic

TEMP_Heretic is a threat actor that has been observed engaging in targeted spear-phishing campaigns. They exploit vulnerabilities in email platforms, such as Zimbra, to exfiltrate emails from government, military, and media organizations. They use multiple email addresses and manually craft content for each email before sending it.

Associated Families

There are currently no families associated with this actor.

2022-02-03 · Volexity · Steven Adair, Thomas Lancaster
Operation EmailThief: Active Exploitation of Zero-day XSS Vulnerability in Zimbra

Credits: MISP Project