ShroudedSnooper

Description

(Talos) This specific cluster of implants involving HTTPSnoop and PipeSnoop and associated tactics, techniques, and procedures (TTPs) do not match a known group that Talos tracks. We are therefore attributing this activity to a distinct intrusion set we’re calling “ShroudedSnooper.”

Names

Name	Name-Giver
ShroudedSnooper	Talos

Country

• Unknown

Motivation

• Information theft and espionage

First Seen

2023

Observed Sectors

• Telecommunications

Observed Countries

• Middle East

Tools

• HTTPSnoop
• PipeSnoop

Information

• https://blog.talosintelligence.com/introducing-shrouded-snooper/

Other Information

Uuid

97687b24-8fea-4ff7-9dfc-d4be417f5c68

Last Card Change

2023-10-12