HoneyMyte (aka Mustang Panda) Deploys ToneShell Backdoor in New Attacks
hackread.comHoneyMyte (Mustang Panda) is back with a new ToneShell backdoor. Read how this stealthy attack blinds Microsoft Defender to target government entities in Asia.
In a major discovery, cybersecurity researchers at Kaspersky Securelist have found a new espionage activity targeting government offices across Southeast and East Asia. The campaign, which likely began in February 2025, uses a rootkit to hide deep inside a computer’s core, making it invisible to standard security tools.
Kaspersky links the attack to a group known as HoneyMyte (aka Bronze President or Mustang Panda). According to their analysis, the hackers are specifically targeting Myanmar and Thailand using a malicious driver file named ProjectConfiguration.sys.
Bypassing the Digital Guard
As we know it, most antivirus programs scan for suspicious files on the surface. However, they fail to identify this attack because the driver registers as a mini-filter, a tool that sits deep in the system’s ...
Copyright of this story solely belongs to hackread.com . To see the full text click HERE