ToddyCat – new attack tactics
Using a new type of malware, ToddyCat collects data and exfiltrates it into public and legitimate file hosting services. The advanced APT group ToddyCat first gained attention in December 2020 with serious attacks on companies in Asia and Europe. The main tools included the Ninja Trojan, the Backdoor Samurai and loaders that load malicious payloads onto the affected system. Since then, Kaspersky has been monitoring the APT group using special signatures. One of the signatures was identified on a system; During further research, new ToddyCat tools were discovered. ToddyCat uses new loader variant Last year…