Operation Bitter Biscuit

Threat Actor updated a month ago (2024-11-29T13:35:54.618Z)
Operation Bitter Biscuit, as reported by AhnLab, was a malicious campaign carried out by the threat actor known as the Tonto Team. The operation targeted entities in South Korea, Japan, India, and Russia; the initial report was published in October 2017. The main tools used in the campaign were Bisonal and its successors, Bioazih and Dexbia, which are Remote Access Trojans (RATs). These RATs let attackers control and manipulate victim systems remotely, posing a significant security threat. By 2018, Operation Bitter Biscuit had escalated, focusing particularly on Korean and Japanese entities. In response, AhnLab released a detailed paper outlining the operation's tactics, techniques, and procedures.

The attackers also used a variant of the Bisonal RAT that was highly similar to a version previously used during the operation, which indicated a persistent and evolving threat from the same threat actor group. The threat actors additionally used ShadowPad, an infamous backdoor that has been linked to several high-profile cyber espionage campaigns. Its use alongside the Bisonal RAT variant heightened the severity and complexity of Operation Bitter Biscuit. Overall, the operation demonstrated the Tonto Team's sophistication and adaptability, underlining the need for continuous vigilance and advanced defense strategies in cybersecurity.
Description last updated: 2023-10-10T23:53:32.702Z
Aliases We are not currently tracking any aliases