Bisonal: 10 years of play

2020-03-10T06:00:38
ID TALOSBLOG:2D764610DD2B1DFFA4DB9F2FA166DB1E
Type talosblog
Reporter noreply@blogger.com (Paul Rascagneres)
Modified 2020-03-10T06:00:38

Description

By Warren Mercer, Paul Rascagneres and Vitor Ventura.

Update 06/03/20: added samples from 2020.

Executive summary

Security researchers detected and exposed the Bisonal malware over the past 10 years. But the Tonto team, the threat actor behind it, didn't stop. The victimology didn't change over time, either. Japanese, South Korean and Russian organizations were the prime targets for this threat actor. The malware evolved to lower its detection ratio and improve the initial vector success...
