ToddyCat Attackers Exploited ESET Command Line Scanner Vulnerability to Conceal Their Tool
Posted: Tue Apr 08, 2025 1:01 pm
In a sophisticated cyberattack, the notorious ToddyCat APT group utilized a previously unknown vulnerability in ESET’s Command Line Scanner (ecls) to mask their malicious activities.
The attack came to light when researchers detected a suspicious file named version.dll in the temp directories of multiple compromised systems.
This file was identified as a tool called TCESB, designed to execute payloads undetected by bypassing security monitoring tools.
https://gbhackers.com/toddycat-attacker ... erability/