
Group-IB blocks attempted attack by Chinese APT

Singaporean cybersecurity firm Group-IB has averted two attempted malware attacks by Chinese advanced persistent threat group Tonto Team, also known as UAC-0018, Karma Panda, Cactus Pete, Bronze Huntley, and Earth Akhlut, reports The Hacker News. In the June attempt against Group-IB, Tonto Team sent phishing emails carrying Microsoft Office documents built with the Royal Road weaponizer in order to spread the Bisonal malware, the same technique the group has used in its attacks against Russian government agencies and scientific organizations amid the ongoing Russia-Ukraine war, according to Group-IB. Aside from Bisonal, which enables command execution, Tonto Team has also been using the QuickMute downloader to retrieve next-stage malware. "The main goals of Chinese APTs are espionage and intellectual property theft. Undoubtedly, Tonto Team will keep probing IT and cybersecurity companies by leveraging spear-phishing to deliver malicious documents using vulnerabilities with decoys specially prepared for this purpose," said Group-IB researchers.
