TA402, a likely Palestinian-aligned advance persistent threat actor, has recently engaged in campaigns leveraging a new implant, dubbed by Proofpoint analysts as NimbleMamba. NimbleMamba is likely a replacement for the group's previously used LastConn implant. These campaigns have a complex attack chain that leverages geofencing and URL redirects to legitimate sites in order to bypass detection efforts.
π¨ Palestine-Aligned Hackers Use New NimbleMamba Implant in Recent Attacks π¨
Userlevel 5
+3
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Login
CUSTOMER / CYMULATE EMPLOYEE LOGINor
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.