Security News > 2023 > October > ToddyCat hackers use 'disposable' malware to target Asian telecoms
A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "Disposable" malware to evade detection.
The attacks appear to originate from the Chinese espionage actor known as 'ToddyCat,' which relies on spear-phishing messages carrying malicious attachments to load a variety of malware loaders and backdoors.
The researchers explain that the threat actors use many different types of custom tool, which they believe are disposable to help evade detection and prevent linking attacks to each other.
Judging from the wide variety of distinct tools seen in the attacks and their level of customization, these appear to be disposable.
New SprySOCKS Linux malware used in cyber espionage attacks.
Lazarus hackers breach aerospace firm with new LightlessCan malware.
News URL
Related news
- Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia (source)
- North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn (source)
- Salt Typhoon hackers backdoor telcos with new GhostSpider malware (source)