PipeSnoop (Malware Family)

SYMBOL	COMMON_NAME	aka. SYNONYMS

PipeSnoop

aka: TOFUPIPE

Cisco Talos states that PipeSnoop can accept arbitrary shellcode from a named pipe and execute it on the infected endpoint.

2024-09-19 ⋅ Mandiant ⋅ Mark Lechtik, Matan Mimran, Sarah Bock, Stav Shulman
UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
CRYPTOSLAY PipeSnoop TEMPLEDOOR UNC1860

2023-09-19 ⋅ Cisco Talos ⋅ Arnaud Zobec, Asheer Malhotra, Caitlin Huey, Sean Taylor, Vitor Ventura
New ShroudedSnooper actor targets telecommunications firms in the Middle East with novel Implants
HTTPSnoop PipeSnoop LightBasin ShroudedSnooper

There is no Yara-Signature yet.