This is the Trace Id: 5f0376fb90a85c6f9874201e08deea9f
Skip to main content Security Insider Cyber Pulse Microsoft Digital Defense Report Threat landscape Emerging trends Risk management Leadership perspectives Operations Sign up for CISO Digest Microsoft Security Azure Dynamics 365 Microsoft 365 Microsoft Teams Windows 365 Microsoft AI Azure Space Mixed reality Microsoft HoloLens Microsoft Viva Quantum computing Sustainability Education Automotive Financial services Government Healthcare Manufacturing Retail Find a partner Become a partner Partner Network Microsoft Marketplace Software companies Blog Microsoft Advertising Developer Center Documentation Events Licensing Microsoft Learn Microsoft Research View Sitemap

Private Sector Offensive Threat Actor Caramel Tsunami

Download
Share
Blue hexagon pattern with O/O text.
Caramel Tsunami (formerly SOURGUM) generally sells cyberweapons, usually malware and zero-day exploits, as a part of a hacking-as-a-service package sold to government agencies and other malicious actors. Caramel Tsunami appears to use a chain of browser and Windows exploits, including 0-days, to install malware on victim boxes. Browser exploits appear to be served via single-use URLs sent to targets on messaging applications such as WhatsApp. The malware Caramel Tsunami installs is DevilsTongue, a complex modular multi-threaded piece of malware written in C and C++ with several novel capabilities.

DETAILS

Also known as:

  • SOURGUM

Country of origin:

  • Isreal

Microsoft Threat Intelligence: Recent Caramel Tsunami Articles

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Learn more

Protecting customers from a private-sector offensive actor using 0-day exploits and DevilsTongue malware

Learn more

Fighting cyberweapons built by private businesses

Learn more

Follow Microsoft Security

Surface Pro Surface Laptop Surface Laptop Studio 2 Copilot for organizations Copilot for personal use AI in Windows Explore Microsoft products Windows 11 apps Account profile Download Center Microsoft Store support Returns Order tracking Certified Refurbished Microsoft Store Promise Flexible Payments Microsoft in education Devices for education Microsoft Teams for Education Microsoft 365 Education How to buy for your school Educator training and development Deals for students and parents AI for education
Microsoft AI Microsoft Security Dynamics 365 Microsoft 365 Microsoft Power Platform Microsoft Teams Microsoft 365 Copilot Small Business Azure Microsoft Developer Microsoft Learn Support for AI marketplace apps Microsoft Tech Community Microsoft Marketplace Software companies Visual Studio Careers About Microsoft Company news Privacy at Microsoft Investors Diversity and inclusion Accessibility Sustainability
English (United States) Consumer Health Privacy Sitemap Contact Microsoft Privacy Manage cookies Terms of use Trademarks Safety & eco Recycling About our ads