ToddyCat APT Hacks Microsoft Exchange Servers

24-Jun-22

Since at least December 2020, the ToddyCat APT has been targeting Microsoft Exchange servers at businesses in Asia and Europe. The ToddyCat APT organisation has intensified its attacks and is looking for unpatched Microsoft Exchange servers that are still vulnerable to the ProxyLogon flaws.

A passive backdoor dubbed Samurai and a new trojan dubbed Ninja were found during monitoring of the group’s behaviour. Both types of malware take over compromised systems and propagate laterally across networks.