Security News > 2023 > February > Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails
The advanced persistent threat actor known as Tonto Team carried out an unsuccessful attack on cybersecurity company Group-IB in June 2022.
The Singapore-headquartered firm said that it detected and blocked malicious phishing emails originating from the group targeting its employees.
Tonto Team, also called Bronze Huntley, Cactus Pete, Earth Akhlut, Karma Panda, and UAC-0018, is a suspected Chinese hacking group that has been linked to attacks targeting a wide range of organizations in Asia and Eastern Europe.
The adversarial collective, in March 2021, also emerged as one of the threat actors to exploit the ProxyLogon flaws in Microsoft Exchange Server to strike cybersecurity and procuring companies based in Eastern Europe.
Coinciding with Russia's military invasion of Ukraine last year, the Tonto Team was observed targeting Russian scientific and technical enterprises and government agencies with the Bisonal malware.
"Undoubtedly, Tonto Team will keep probing IT and cybersecurity companies by leveraging spear-phishing to deliver malicious documents using vulnerabilities with decoys specially prepared for this purpose."
News URL
https://thehackernews.com/2023/02/chinese-tonto-team-hackers-second.html
Related news
- Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware (source)
- Chinese State Hackers Target Tibetans with Supply Chain, Watering Hole Attacks (source)
- Week in review: Cybersecurity job openings, hackers use 1-day flaws to drop custom Linux malware (source)
- Chinese Earth Krahang hackers breach 70 orgs in 23 countries (source)
- CISA shares critical infrastructure defense tips against Chinese hackers (source)
- A “cascade” of errors let Chinese hackers into US government inboxes (source)