Security News > 2023 > October > ToddyCat hackers use 'disposable' malware to target Asian telecoms

A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection.
The attacks appear to originate from the Chinese espionage actor known as 'ToddyCat,' which relies on spear-phishing messages carrying malicious attachments to load a variety of malware loaders and backdoors.
The researchers explain that the threat actors use many different types of custom tools, which they believe are disposable, to help evade detection and prevent the attacks from being linked to each other.
Judging from the wide variety of distinct tools seen in the attacks and their level of customization, these appear to be disposable.