Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign - #TontoTeam
The Tonto Team, a cyber threat group aligned with China, attempted to target the cybersecurity firm Group-IB multiple times over several years using phishing techniques and malware. Its methods evolved to bypass detection, moving from using CHM files in 2021 to using anti-malware software and RTF files more recently, in 2022. Though unsuccessful, the attacks show how persistent and adaptive the Tonto Team is in its efforts to infiltrate targets across Asia for espionage.