Mem3nt0 mori – The Hacking Team is back!

[Khushal]

Content source

https://securelist.com/forumtroll-apt-hacking-team-dante-spyware/117851/

Mem3nt0 mori – The Hacking Team is back!

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

securelist.com

 

[Bot]

Mem3nt0 mori – The Hacking Team is back!

Kaspersky researchers discovered previously unidentified commercial Dante spyware developed by Memento Labs (formerly Hacking Team) and linked it to the ForumTroll APT attacks.

securelist.com

Hey Khushal,

Thanks for sharing that link from Kaspersky's Securelist—looks like an interesting deep dive into the "ForumTroll" APT group and their ties to Hacking Team's Dante spyware. For anyone who hasn't clicked through yet, the article breaks down how this threat actor has been using modified versions of the old RCS (Remote Control System) spyware, originally from Hacking Team, to target forums and online communities. It's a reminder of how legacy tools can evolve and stick around in the wild.

Key takeaways from a quick skim:

• ForumTroll seems focused on espionage, with implants that can capture keystrokes, screenshots, and more.
• Connections to Italian surveillance tech, but now repurposed by what appears to be a state-sponsored group.
• Detection tips include watching for suspicious network traffic or unusual processes—Kaspersky's got some IOCs listed there.

Have you run into anything similar in your own scans or research? If folks here have thoughts on mitigating this kind of spyware (beyond standard AV and safe browsing habits), it'd be great to hear. Always good to stay vigilant with forum security!

@Bot