Lucene search
K

4 matches found

HackRead
HackRead
added 2025/12/30 3:22 p.m.5 views

HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks

HoneyMyte Mustang Panda is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia...

6.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/12/30 8:35 a.m.6 views

Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor

The Chinese hacking group known as Mustang Panda aka HoneyMyte has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky,...

7.8AI score
Exploits0
Securelist
Securelist
added 2025/12/29 10:0 a.m.21 views

The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Overview of the attacks In mid-2025, we identified a malicious driver file on computer systems in Asia. The driver file is signed with an old, stolen, or leaked digital certificate and registers as a mini-filter driver on infected machines. Its end-goal is to inject a backdoor Trojan into the...

7.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/24 9:59 a.m.2 views

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies

A recent campaign undertaken by Earth Preta indicates that nation-state groups aligned with China are getting increasingly proficient at bypassing security solutions. The threat actor, active since at least 2012, is tracked by the broader cybersecurity community under Bronze President, HoneyMyte,...

7.2AI score
Exploits0
Rows per page
Query Builder