Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 22:39:56 UTC
Home > List all groups > List all tools > List all groups using tool CallMe
 Tool: CallMe
Names CallMe
Category Malware
Type Backdoor
Description
(Palo Alto) CallMe is a Trojan designed to run on the Apple OSX operating system. This
Trojan was delivered in targeted attacks on Uyghur activists in 2013 and used
infrastructure associated with FakeM.
In February 2013, AlienVault performed analysis on the CallMe Trojan and found that it
is based on a tool called Tiny SHell, an OSX shell tool whose source code is available
on the Internet. The Trojan uses AES to encrypt the communication channel its C2
server, which will provide one of three commands to carry out activities on the
compromised system.
Information
MITRE ATT&CK Last change to this tool card: 22 June 2023
Download this tool card in JSON format
All groups using tool CallMe
Changed Name Country Observed
APT groups
 Scarlet Mimic 2015-Aug 2022
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=631376c6-c3e1-4edb-804a-bf09c77fc2a5
Page 1 of 2

1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=631376c6-c3e1-4edb-804a-bf09c77fc2a5
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=631376c6-c3e1-4edb-804a-bf09c77fc2a5
Page 2 of 2