This is the Trace Id: f866e84eff6bf7323d1b259fa15718f0
Skip to main content Security Insider Cyber Pulse Threat landscape Emerging trends Sign up for CISO Digest Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Software companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap

Join RSAC executive panel session on March 24 “AI agents are here! Are you ready?”.

Register now

Private Sector Offensive Threat Actor Caramel Tsunami

Download
Share
Blue hexagon pattern with O/O text.
Caramel Tsunami (formerly SOURGUM) generally sells cyberweapons, usually malware and zero-day exploits, as a part of a hacking-as-a-service package sold to government agencies and other malicious actors. Caramel Tsunami appears to use a chain of browser and Windows exploits, including 0-days, to install malware on victim boxes. Browser exploits appear to be served via single-use URLs sent to targets on messaging applications such as WhatsApp. The malware Caramel Tsunami installs is DevilsTongue, a complex modular multi-threaded piece of malware written in C and C++ with several novel capabilities.

DETAILS

Also known as:

  • SOURGUM

Country of origin:

  • Isreal

Microsoft Threat Intelligence: Recent Caramel Tsunami Articles

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Learn more

Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

Learn more

Fighting cyberweapons built by private businesses

Learn more

Follow Microsoft Security

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store Support Returns Order tracking Microsoft Store Promise Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education Office Education Educator training and development Deals for students and parents Azure for students
Microsoft AI Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Advertising Microsoft 365 Copilot Microsoft Teams Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Microsoft Power Platform Software companies Visual Studio Careers Company news Privacy at Microsoft Investors Sustainability
English (New Zealand) Consumer Health Privacy Contact Microsoft Privacy Manage cookies Terms of use Trademarks About our ads