ToddyCat is responsible for multiple sets of attacks detected since December 2020 against high-profile entities in Europe and Asia. There is still little information about this actor, but its main distinguishing features are two previously unknown tools that Kaspersky calls ‘Samurai backdoor’ and ‘Ninja Trojan’.
There are currently no families associated with this actor.
2022-07-01 ⋅ RiskIQ
ToddyCat: A Guided Journey through the Attacker's Infrastructure
2022-06-21 ⋅ BleepingComputer
Microsoft Exchange servers hacked by new ToddyCat APT gang
2022-06-21 ⋅ Kaspersky
APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
2021-10-22 ⋅ TEAMT5
Assassinations of "MiniNinja" in Various APAC Countries
2021-03-10 ⋅ ESET Research
Exchange servers under siege from at least 10 APT groups
Microcin MimiKatz PlugX Winnti APT27 APT41 Calypso Tick ToddyCat Tonto Team Vicious Panda
2021-03-03 ⋅ GTSC
'Mild' update on Microsoft Exchange 0day security vulnerability being used to attack organizations in Vietnam