toddycat (2)

The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities. ToddyCat is a Chinese APT actor who has launched a campaign against telecom and government sectors in Asian countries. The campaign has been named “Stayin’ Alive.” The Stayin' Alive campaign consists of mostly downloaders and loaders, some of which are used as an initial

Activity Summary - Week Ending on 8 July 2022:

  • Red Sky Alliance identified 24,005 connections from new IPs checking in with our Sinkholes
  • DigitalOcean hit 103 x
  • Analysts identified 1,557 new IP addresses participating in various Botnets
  • ShadowPad
  • ToddyCat
  • Toll Fraud Malware
  • Marriott International
  • Ukraine, Dark Crystal RAT
  • Crema Finance
  • Maui Ransomware

Link to full report: IR-22-189-001_weekly189.pdf