Memento Labs Resurfaces as Mem3nt0 Mori - Hacking Team Successor Linked to Espionage
Category:Threat Intelligence / APT Operations
Security researchers identified a reemergence of the Hacking Team’s successor group, Mem3nt0 Mori, associated with advanced spyware and Chrome zero-day exploitation. The campaign links to state-backed espionage targeting diplomatic and defense networks in Europe and the Middle East.
CORTEX Protocol Intelligence Assessment
Business Impact: Enterprises operating in government contracting, defense, and critical communications sectors face heightened espionage risk from Italian-origin APT toolchains. Technical Context: The campaign exploits Chrome zero-days and custom loader stages in Dante spyware to establish persistence and exfiltrate encrypted payloads via HTTPS tunnels.
Strategic Intelligence Guidance
- Patch Chrome browsers to latest builds immediately
- Implement TLS inspection and traffic anomaly monitoring
- Apply EDR heuristic detection for signed payload loaders
- Review diplomatic and defense network segmentation policies
CVEs
Vendors
Threats
Targets
Intelligence Source: Mem3nt0 Mori: The Hacking Team Is Back | Oct 28, 2025