Date: 2025-09-15

Chinese advanced persistent threat group Mustang Panda, also known as Hive0154, has launched highly sophisticated attacks against Southeast Asia involving an updated Toneshell backdoor and the novel SnakeDisk USB malware, GBHackers News reports. The new Toneshell9 malware variant allows increased stealth: it permits dual reverse shell functionality and proxy-aware communications, as well as junk code injection and custom encryption capabilities, according to an IBM X-Force analysis. Mustang Panda has leveraged Toneshell9 to enable simultaneous management of C2 servers, proxy configuration, and encryption keys, as well as enumeration of Windows registry hives. Meanwhile, Mustang Panda targeted Thailand with attacks involving the SnakeDisk malware, coinciding with the country's mounting tensions with Cambodia. SnakeDisk is restricted by geolocation to Thailand and spreads via USB devices; it also allows delivery of the Yokai backdoor for persistence while concealing files within the USB device. Such findings should prompt organizations across Southeast Asia to implement more stringent security measures.
