The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor

Noushin Shabab 2025-12-29T10:00:35+00:00 View Original

Full Report

Kaspersky discloses a 2025 HoneyMyte (aka Mustang Panda or Bronze President) APT campaign, which uses a kernel-mode rootkit to deliver and protect a ToneShell backdoor.

Analysis Summary