Threat Group Cards: A Threat Actor Encyclopedia
Archived: 2026-04-05 22:52:17 UTC
Home > List all groups > List all tools > List all groups using tool TomBerBil
 Tool: TomBerBil
Names TomBerBil
Category Malware
Type Credential stealer
Description
(Kaspersky) In addition to the data that attackers can collect from hosts, they are also
interested in obtaining access to all online services that target users have access to. For an
adversary with high privileges in the system, one fairly easy way to do this is to decrypt
browser data containing cookies and passwords that the user may have saved to autofill
authentication forms.
Information Last change to this tool card: 23 April 2024
Download this tool card in JSON format
All groups using tool TomBerBil
Changed Name Country Observed
APT groups
 ToddyCat 2020-2024
1 group listed (1 APT, 0 other, 0 unknown)
Source: https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=f0315dad-1ec0-4cfc-9c05-762dd23259d6
https://apt.etda.or.th/cgi-bin/listgroups.cgi?u=f0315dad-1ec0-4cfc-9c05-762dd23259d6
Page 1 of 1