Tonto Team
Tonto Team, Earth Akhlut, BRONZE HUNTLEY, CactusPete, Karma Panda
[Tonto Team](https://attack.mitre.org/groups/G0131) is a suspected Chinese state-sponsored cyber espionage threat group that has primarily targeted South Korea, Japan, Taiwan, and the United States since at least 2009; by 2020 they expanded operations to include other Asian as well as Eastern European countries. [Tonto Team](https://attack.mitre.org/groups/G0131) has targeted government, military, energy, mining, financial, education, healthcare, and technology organizations, including through the Heartbeat Campaign (2009-2012) and Operation Bitter Biscuit (2017).(Citation: Kaspersky CactusPet...
Techniques: 15
Covered: 15
Gaps: 0
Coverage: 100% (15/15)
COVERED (15)
- T1003 OS Credential Dumping: 106 det.
- T1056.001 Keylogging: 4 det.
- T1059.001 PowerShell: 338 det.
- T1059.006 Python: 43 det.
- T1068 Exploitation for Privilege Escalation: 91 det.
- T1069.001 Local Groups: 35 det.
- T1090.002 External Proxy: 6 det.
- T1105 Ingress Tool Transfer: 170 det.
- T1135 Network Share Discovery: 16 det.
- T1203 Exploitation for Client Execution: 71 det.
- T1204.002 Malicious File: 397 det.
- T1210 Exploitation of Remote Services: 33 det.
- T1505.003 Web Shell: 57 det.
- T1566.001 Spearphishing Attachment: 850 det.
- T1574.001 DLL: 106 det.