Mem3nt0 mori – The Hacking Team is back!
Essential information
- Published
- 27/10/2025 08:11
- Modified
- 27/10/2025 10:53
- Tags
- 2025-10-27 dante leetagent sandbox escape zero-day
- Related entities
- 1 intrusion sets (apt), 14 techniques (mitre), 2 malware, 6 others
Description
Kaspersky researchers uncovered a sophisticated attack campaign dubbed Operation ForumTroll, targeting organizations in Russia and Belarus. The campaign utilized a zero-day exploit (CVE-2025-2783) in Google Chrome to deliver spyware. Further investigation revealed connections to previously unknown commercial spyware called Dante, developed by Memento Labs (formerly Hacking Team). The researchers traced the malware back to 2022 and found similarities in code and tactics between the ForumTroll campaign and Dante spyware attacks. The discovery sheds light on the continued operations of the rebranded Hacking Team and their new surveillance tool.