Tonto Team Uses Malware File to Launch Attacks on South Korean Institutions


The Tonto Team, a threat actor with ties to China, is targeting South Korean education, construction, diplomatic, and political institutions with new attacks.

The attack sequence begins with a Microsoft Compiled HTML Help (.CHM) file, which is used to side-load malicious DLL files and launch ReVBShell, an open-source VBScript backdoor.

This is followed by the deployment of the Bisonal remote access trojan.

Similar attack chains have also been adopted by North Korean threat actors.
