ToddyCat, a Chinese-linked threat actor, has been observed exploiting a vulnerability in ESET security software to spread a newly discovered malware strain known as TCESB.
Cybersecurity company Kaspersky highlighted the group’s evolving tactics and expanding arsenal in a recently released analysis.
TCESB, a novel addition to ToddyCat’s toolkit, is designed to stealthily execute malicious payloads without being detected by the monitoring and protection software installed on compromised computers, according to Kaspersky.
The malware’s ability to bypass security measures illustrates its sophistication and the calculated approach adopted by its operators.
In recent years, ToddyCat has actively participated in several cyber-espionage campaigns primarily targeting Asian organizations. Since at least December 2020, the group has conducted attacks against high-value entities in the region, and it has gained notoriety for a number of them, including sustained attacks.
The intrusions are believed to be intended to gather intelligence, often by keeping targeted environments compromised for a long time.
In a comprehensive report released last year, Kaspersky detailed ToddyCat’s extensive use of custom and off-the-shelf tools to establish persistent access within vic
[…]