Chinese ‘Stayin’ Alive’ Attacks Dance Onto Targets With Dumb Malware

Chinese hacker group ToddyCat is attacking telecoms firms in Central and Southeast Asia using simple, custom-built malware, according to cybersecurity firm Check Point. Using spear phishing emails, ToddyCat exploits a high-criticality vulnerability in the Dante AV systems software, loading basic malware onto targeted devices. This approach, though seemingly basic, makes detection more difficult and is easily adaptable to targets. The group has been linked to Chinese espionage, with its latest attacks impacting telcos in Kazakhstan, Pakistan, Uzbekistan, and Vietnam.