ToddyCatToddyCat
Also known as: Websiic · ToddyCat
Known aliases
2
Target sectors
2
Profile
ToddyCat is responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. There is still little information about this actor, but its main distinctive signs are two formerly unknown tools that Kaspersky call ‘Samurai backdoor’ and ‘Ninja Trojan’.
Aliases· 2
WebsiicToddyCat
Target sectors· 2
MilitaryGovernment
Known victims· 14
- Afghanistan
- India
- Indonesia
- Iran
- Kyrgyzstan
- Malaysia
- Pakistan
- Russia
- Slovakia
- Taiwan
- Thailand
- United Kingdom
References
- https://www.bleepingcomputer.com/news/security/new-toddycat-apt-group-targets-exchange-servers-in-asia-europe/
- https://securelist.com/toddycat/106799/
- https://www.welivesecurity.com/2021/03/10/exchange-servers-under-siege-10-apt-groups/
- https://gteltsc.vn/blog/cap-nhat-nhe-ve-lo-hong-bao-mat-0day-microsoft-exchange-dang-duoc-su-dung-de-tan-cong-cac-to-chuc-tai-viet-nam-9685.html
- https://community.riskiq.com/article/d8b749f2
- https://teamt5.org/en/posts/assassinations-of-minininja-in-various-apac-countries/
Related by meaning· 6
Nearest entities by semantic similarity across the cs-graph corpus.