
Microsoft Exchange Servers Attacked by ToddyCat APT Group to Inject Backdoor

Over a year ago, ToddyCat, an APT group that targets Microsoft Exchange servers, launched an attack on Exchange servers across Asia and Europe.

Security researchers at Kaspersky’s GReAT were tracking the group’s activity, and at that time they discovered two pieces of malware. One is a previously unknown backdoor, and the other is a new trojan. Below is the list of what they discovered:

  • Samurai (Previous one)
  • Ninja (New one)

The attackers control both malware strains and use them to move laterally through the victims’ networks.

ESET, a Slovak cybersecurity firm, has also detected ToddyCat’s attempts to penetrate computers in the past. In March 2021, ESET began tracking these threats as part of a group it refers to as Websiic.

At the time of the attack, the hackers exploited the ProxyLogon vulnerabilities in Exchange. This exploit allowed them to deploy the China Chopper web shell onto vulnerable servers and gain RCE.

Attack waves & targets

The group targets high-profile organizations, such as government and military entities and the contractors who work with them, and its targets vary from time to time.

A small number of government organizations from the following countries were targeted initially. This is known as the first wave of attacks, which took place between December 2020 and February 2021:

  • Vietnam
  • Taiwan

The next wave, which took place between February 2021 and May 2021, quickly grew to include entities from a wide range of countries, including:

  • Russia
  • India
  • Iran
  • The United Kingdom

The next phase of ToddyCat’s expansion focused on the same cluster of countries. It also added more organizations from the following countries:

  • Indonesia
  • Uzbekistan
  • Kyrgyzstan

Activity links with Chinese-speaking APTs

Several Chinese-speaking groups have also targeted the same industries and countries as ToddyCat does.

The Chinese-backed hackers used the FunnyDream backdoor to break into some of the entities they breached around the same time. This group is concentrating its efforts on very high-profile targets, as indicated by the affected organizations, both governmental and military.

ToddyCat APT uses a wide range of techniques to maintain its stealth and avoid detection for an extended period of time. Targets in Southeast Asia are a primary concern for the group. However, its activities also affect targets in Europe and Asia.

The post Microsoft Exchange Servers Attacked by ToddyCat APT Group to Inject Backdoor appeared first on Cyber Security News.

June 23, 2022   Balaji N
cybersecuritynews.com cyber attack, cyber security, Cyber Security News, malware
