Mustang Panda, a China-linked threat actor, has been linked to a cyber attack in Myanmar using evolving malware tools like TONESHELL and StarProxy. This group, active since 2012, primarily targets East Asian governments and NGOs. Their latest malware variants feature advanced capabilities, including reverse shell access, DLL downloading, and custom TCP-based communication methods. This evolution underscores a significant increase in the group's operational sophistication, as it adapts to defensive countermeasures and enhances its stealth during attacks.
Mustang Panda has evolved their malware capabilities, introducing sophisticated tools like TONESHELL and StarProxy to enhance their cyber-attack effectiveness against targeted organizations.
Sudeep Singh noted that TONESHELL's updates include changes to its FakeTLS command-and-control communication protocol and improved methods for client identity management.