Investigating Threat Actor Targeting Researchers, Academics

Name: Investigating Threat Actor Targeting Researchers, Academics
Description: Christophe Tafani-Dereeper and Matt Muir from Datadog presented "Weaponizing Trust," a detailed investigation into a threat actor they designate MUD-1244, which they began tracking in December 2024. M

Christophe Tafani-Dereeper, Matt Muir

DEF CON 33 · Day 2 · Main Stage

Christophe Tafani-Dereeper and Matt Muir from Datadog presented "Weaponizing Trust," a detailed investigation into a threat actor they designate MUD-1244, which they began tracking in December 2024. M

AI review

Datadog researchers track MUD-1244, a threat actor running a months-long targeted campaign against security researchers and academics via trojanized npm packages, fake CVE proof-of-concept repositories, and malicious academic paper companion code — credential-harvesting AWS keys and SSH private keys with persistent backdoor access.

Watch on YouTube