From thehackernews.com
South Korean education, construction, diplomatic, and political institutions are at the receiving end of new attacks perpetrated by a China-aligned threat actor known as the Tonto Team.
“Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execute their malicious attacks,” the AhnLab Security Emergency Response Center (ASEC) said in a report published this week.
Tonto Team, active since at least 2009, has a track record of targeting various sectors across Asia and Eastern Europe. Earlier this year, the group was attributed to an unsuccessful phishing attack on cybersecurity company Group-IB.