Intel Name: Call it what you want: threat actor delivers highly targeted multistage polyglot malware
Date of Scan: March 7, 2025
Impact: High
Summary: In fall 2024, UNK_CraftyCamel exploited a compromised Indian electronics company to target fewer than five organizations in the United Arab Emirates. The attack involved a malicious ZIP file containing multiple polyglot files, ultimately delivering a custom Go backdoor named Sosano.
