A new variant of ToneShell, linked to Mustang Panda, utilizes sophisticated persistence mechanisms and anti-analysis techniques to remain undetected. It establishes persistence through scheduled tasks and employs randomized delays and large data buffers to hinder analysis. The backdoor uses encrypted communication, making detection and disruption challenging for security teams.
Latest mentioned: 09-12
Earliest mentioned: 09-12