Jamf Blog
February 16, 2022 by Matthias Wollnik

Jamf protects against NimbleMamba malware slithering about

Jamf Threat Labs updates Jamf Threat Defense, preventing NimbaMamba from threatening your Windows devices.

Threat: NimbleMamba

Proofpoint recently documented a new phishing campaign and associated malware by a threat actor dubbed TA402/MoleRats.

Affects: The NimbleMamba malware is a Windows-targeted intelligence-gathering tool. The associated phishing campaign seems to be primarily targeted geographically in the Middle East.

Detected by: Jamf Threat Defense identifies any phishing attempts for this current phishing campaign as of 2/10/2022.

Prevented by: Jamf Threat Defense blocks phishing attempts for this current phishing campaign as of 2/11/2022.

IOCs (as published by Proofpoint):





Web exploit URLs:



Concerned about NimbleMamba taking a bite out of your Windows fleet?

Jamf Threat Defense has what it takes to defang this and countless other malware to keep your macOS, iOS, Windows and Android endpoints protected.

Photo of Matthias Wollnik
Matthias Wollnik
Subscribe to the Jamf Blog

Have market trends, Apple updates and Jamf news delivered directly to your inbox.

To learn more about how we collect, use, disclose, transfer, and store your information, please visit our Privacy Policy.