Names | CallMe | |
Category | Malware | |
Type | Backdoor | |
Description | (Palo Alto) CallMe is a Trojan designed to run on the Apple OSX operating system. This Trojan was delivered in targeted attacks on Uyghur activists in 2013 and used infrastructure associated with FakeM. In February 2013, AlienVault performed analysis on the CallMe Trojan and found that it is based on a tool called Tiny SHell, an OSX shell tool whose source code is available on the Internet. The Trojan uses AES to encrypt the communication channel its C2 server, which will provide one of three commands to carry out activities on the compromised system. | |
Information | <https://unit42.paloaltonetworks.com/scarlet-mimic-years-long-espionage-targets-minority-activists/> <https://cybersecurity.att.com/blogs/labs-research/cyber-espionage-campaign-against-the-uyghur-community-targeting-macosx-syst> | |
MITRE ATT&CK | <https://attack.mitre.org/software/S0609> |
Last change to this tool card: 22 June 2023
Download this tool card in JSON format
Changed | Name | Country | Observed | ||
APT groups | |||||
Scarlet Mimic | 2015-Aug 2022 |
1 group listed (1 APT, 0 other, 0 unknown)
Digital Service Security Center Follow us on |
Report incidents |
|
+66 (0)2-123-1227 | ||
[email protected] |