WecontinuecoveringtheactivitiesoftheAPTgroupToddyCat.Inourpreviousarticle,wedescribedtoolsforcollectingandexfiltratingfiles(LoFiSeandPcExter).Thistime,wehaveinvestigatedhowattackersobtainconstantaccesstocompromisedinfrastructure,whatinformationonthehoststheyareinterestedin,andwhattoolstheyusetoextractit. ToddyCatisanAPTgroupthatpredominantlytargets...