Tonto Team
Tonto Team, Earth Akhlut, BRONZE HUNTLEY, CactusPete, Karma Panda
[Tonto Team](https://attack.mitre.org/groups/G0131) is a suspected Chinese state-sponsored cyber espionage threat group that has primarily targeted South Korea, Japan, Taiwan, and the United States since at least 2009; by 2020 they expanded operations to include other Asian as well as Eastern European countries. [Tonto Team](https://attack.mitre.org/groups/G0131) has targeted government, military, energy, mining, financial, education, healthcare, and technology organizations, including through the Heartbeat Campaign (2009-2012) and Operation Bitter Biscuit (2017).(Citation: Kaspersky CactusPet...
Techniques: 15 | Covered: 15 | Gaps: 0 | Coverage: 100% (15/15)
COVERED (15)
- T1003 OS Credential Dumping (113 det.)
- T1056.001 Keylogging (4 det.)
- T1059.001 PowerShell (368 det.)
- T1059.006 Python (49 det.)
- T1068 Exploitation for Privilege Escalation (99 det.)
- T1069.001 Local Groups (37 det.)
- T1090.002 External Proxy (6 det.)
- T1105 Ingress Tool Transfer (183 det.)
- T1135 Network Share Discovery (20 det.)
- T1203 Exploitation for Client Execution (75 det.)
- T1204.002 Malicious File (425 det.)
- T1210 Exploitation of Remote Services (35 det.)
- T1505.003 Web Shell (63 det.)
- T1566.001 Spearphishing Attachment (905 det.)
- T1574.001 DLL (109 det.)