Home/Tag/Toneshell

Toneshell

1 article tagged with "Toneshell"

Threat Intelligence4 min read

Mustang Panda Deploys Kernel-Mode Rootkit to Conceal TONESHELL Backdoor

Chinese APT uses stolen certificate to sign malicious driver that disables security tools. First documented case of TONESHELL delivered via kernel-mode loader.

Alex KowalskiDec 30, 2025