Tonto Team Using Anti-Malware Related Files for DLL Side-Loading
Malware Analysis, News and Indicators - Latest topics malware.news
The Tonto Team is a threat group that mainly targets Asian countries and has been distributing the Bisonal malware. AhnLab Security Emergency response Center (ASEC) has been tracking the Tonto Team’s attacks on Korean education, construction, diplomatic, and political institutions. Recent cases have revealed that the group is using a file related to anti-malware products to ultimately execute its malicious attacks.
Figure 1. Overall operation process
The Tonto Team’s involvement in the distribution of the CHM malware in Korea has been …