Mustang Panda Uses Signed Kernel-Mode Rootkit to Load TONESHELL Backdoor
The Chinese hacking group known as Mustang Panda (aka HoneyMyte) has leveraged a previously undocumented kernel-mode rootkit driver to deliver a new variant of a backdoor dubbed TONESHELL in a cyber attack detected in mid-2025 targeting an unspecified entity in Asia. The findings come from Kaspersky, which observed the new backdoor variant in cyber espionage campaigns mounted by the hacking group.
AI Analysis
Technical Summary
The Mustang Panda threat actor has innovated its cyber espionage toolkit by employing a previously undocumented kernel-mode rootkit driver, signed with a stolen digital certificate from Guangzhou Kingteller Technology Co., Ltd, to load a new variant of the TONESHELL backdoor. This driver, named "ProjectConfiguration.sys," registers as a minifilter driver with an altitude set above the Microsoft-designated FSFilter Anti-Virus Load Order Group, effectively intercepting file system operations before legitimate antivirus filters like Microsoft Defender can act. This manipulation allows the rootkit to prevent deletion, renaming, or access to its files, registry keys, and injected processes, thereby maintaining stealth and persistence. The rootkit dynamically resolves kernel APIs using a hashing algorithm and employs registry callback routines to deny access to protected registry keys. It also interferes with the loading of security drivers by altering their altitude in the I/O stack. The driver drops two user-mode payloads: one spawns an "svchost.exe" process with a delay-inducing shellcode, and the other injects the TONESHELL backdoor into this process. TONESHELL communicates with command-and-control servers over TCP port 443, supporting commands for file upload/download, remote shell establishment, and command execution. The campaign, observed since early 2025, targets government entities in Southeast and East Asia, notably Myanmar and Thailand, but the rootkit’s advanced stealth techniques and signed driver could enable broader targeting. The initial access vector is unclear but may involve leveraging previously compromised systems. Detection is challenging due to in-memory execution and rootkit protections, making memory forensics essential. This development marks a significant evolution in Mustang Panda’s operational capabilities, enhancing stealth, persistence, and resilience against detection and removal.
Potential Impact
For European organizations, the Mustang Panda rootkit and TONESHELL backdoor pose a significant espionage threat, particularly for entities with geopolitical or economic ties to Asia or those involved in sectors targeted by Mustang Panda such as government, defense, and critical infrastructure. The use of a signed kernel-mode driver allows the malware to evade traditional endpoint security solutions, including Microsoft Defender, increasing the risk of prolonged undetected intrusions. The rootkit’s ability to protect its components and injected processes from tampering can lead to persistent access, enabling data exfiltration, espionage, and potential lateral movement within networks. The backdoor’s capabilities for remote shell access and file transfers facilitate extensive control over compromised systems. European organizations relying on similar Windows environments or supply chains connected to Asia may be at risk of indirect exposure. The stealth and resilience of this threat complicate incident response and forensic investigations, potentially leading to significant operational disruption and intellectual property loss if exploited.
Mitigation Recommendations
European organizations should:
- Implement advanced endpoint detection and response (EDR) solutions capable of detecting kernel-mode rootkits and anomalous minifilter driver behavior, including monitoring for unusual altitude values in the I/O stack.
- Employ memory forensics tools to detect in-memory shellcode execution and injected processes like TONESHELL.
- Regularly audit and verify digital certificates used for driver signing within the environment to identify potentially stolen or misused certificates.
- Enforce strict application whitelisting and code signing policies to prevent unauthorized driver loading.
- Monitor network traffic for suspicious connections to known or suspected Mustang Panda C2 domains, especially over TCP port 443 with unusual patterns.
- Conduct threat hunting exercises focused on detecting registry callback manipulations and protected process access denials.
- Strengthen supply chain security and vet third-party software and hardware providers, particularly those with ties to regions associated with the threat.
- Implement network segmentation and least privilege principles to limit lateral movement if compromise occurs.
- Finally, maintain up-to-date threat intelligence feeds and collaborate with national cybersecurity centers to stay informed about emerging Mustang Panda tactics and indicators.
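As an added example (not from the article or Kaspersky's report), the following Python parses the table that `fltmc filters` prints on a Windows host and flags any minifilter registered above the FSFilter Anti-Virus altitude band that is not in a known-good baseline. The sample output, the ProjectConfiguration row and its altitude are constructed, and the baseline set is an assumption to be replaced with one recorded from a clean reference host.

```python
import re
from typing import Dict, List

# Microsoft's FSFilter Anti-Virus load order group spans altitudes 320000-329999.
# A minifilter registered above that band is attached higher in the I/O stack
# and sees file operations before every AV filter, which is where the
# ProjectConfiguration.sys rootkit places itself. Anything above the band that
# is not a known Windows filter deserves a closer look.
AV_GROUP_MAX = 329999.0

# Windows components that legitimately load above the Anti-Virus group.
# Assumption / example baseline: record the real one from a clean host instead.
BASELINE_ABOVE_AV = {"bindflt"}

# One data row of `fltmc filters`: name, instance count, altitude, frame.
_ROW = re.compile(r"^(\S+)\s+(\d+)\s+(\d+(?:\.\d+)?)\s+(\S+)$")

# Constructed sample of `fltmc filters` output. The ProjectConfiguration row and
# its altitude are invented for this example; the other rows are typical Windows filters.
SAMPLE_FLTMC = """\
Filter Name                     Num Instances    Altitude    Frame
------------------------------  -------------  ------------  -----
bindflt                                 1       409800         0
ProjectConfiguration                    2       331000         0
WdFilter                                4       328010         0
storqosflt                              0       244000         0
luafv                                   1       135000         0
FileInfo                                4        40500         0
"""


def parse_fltmc(output: str) -> List[Dict[str, object]]:
    """Turn the text table printed by `fltmc filters` into one record per filter."""
    filters = []
    for line in output.splitlines():
        m = _ROW.match(line.strip())
        if not m:  # header, separator or blank line
            continue
        name, instances, altitude, frame = m.groups()
        filters.append({"name": name, "instances": int(instances),
                        "altitude": float(altitude), "frame": frame})
    return filters


def filters_above_av(filters: List[Dict[str, object]],
                     baseline=BASELINE_ABOVE_AV) -> List[str]:
    """Names of filters sitting above the Anti-Virus group that are not baselined."""
    known = {b.lower() for b in baseline}
    return [str(f["name"]) for f in filters
            if float(f["altitude"]) > AV_GROUP_MAX and str(f["name"]).lower() not in known]


if __name__ == "__main__":
    for name in filters_above_av(parse_fltmc(SAMPLE_FLTMC)):
        print(f"unexpected minifilter above the Anti-Virus group: {name}")
```

Run it against `fltmc filters` output collected from each host; a hit is a lead for memory forensics, not proof of infection, since third-party products also register in and around that band.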
Affected Countries
Germany, France, United Kingdom, Netherlands, Belgium, Italy, Poland, Sweden
Technical Details
- Article source: https://thehackernews.com/2025/12/mustang-panda-uses-signed-kernel-driver.html (fetched 2025-12-30T22:11:52Z, 1443 words)
Threat ID: 69544e28b932a5a22ffaf4d1
Added to database: 12/30/2025, 10:11:52 PM
Last enriched: 12/30/2025, 10:12:59 PM
Last updated: 1/7/2026, 4:12:55 AM