Researchers from Kaspersky Lab have published an analysis of a previously undocumented advanced persistent threat (APT) group that they have dubbed ToddyCat.
The threat actor, which has targeted high-profile organizations in Asia and Europe, often gains initial access by compromising internet-facing Microsoft Exchange servers, then follows up with a multi-stage infection chain that deploys two custom malware programs.
“We still have little information about this actor, but we know that its main distinctive signs are two formerly unknown tools that we call ‘Samurai backdoor’ and ‘Ninja Trojan’,” the researchers said.