
ToddyCat Hackers Exploit ESET Flaw to Deploy Hidden Malware

Red | Attack Report

ToddyCat, an advanced persistent threat (APT) group, exploited a vulnerability (CVE-2024-11859) in ESET’s command-line scanner using DLL proxying. This technique allowed them to load malicious code stealthily by mimicking legitimate libraries. The attackers used a modified tool named TCESB to bypass security measures and manipulate kernel structures. This incident highlights the need for timely patching and vigilance, even with trusted security software.