ToddyCat, an advanced persistent threat (APT) gang that targets the government and defence industries, has been seen collecting stolen data “on an industrial scale” from victim organisations in Asia-Pacific.
Kaspersky researchers first disclosed details regarding the elusive gang’s actions in 2022, despite the fact that it has been functioning since December 2020.
ToddyCat is believed to be a Chinese-speaking gang, though its origins and ties are unknown.
Initially, the threat group targeted only certain organisations in Taiwan and Vietnam. When the ProxyLogon vulnerabilities in Microsoft Exchange Server were discovered in early 2021, it broadened the scope of its operations, now targeting multiple European and Asian organisations.
ToddyCat upgraded its tools and strategies in 2023, and launched a long-running attack against government entities and telecom providers in multiple Asian countries.
In Kaspersky’s most recent review of the group, published last week, re
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: