Cyber Resilience

Threat actor · all actors

ToddyCatG1022 unknown

aka ToddyCat

Last updated: 2026-07-03

0attributed CVEs
38ATT&CK techniques
0.0IDF score (tooling uniqueness)
0exclusive CVEs
years active

About this actor

[ToddyCat](https://attack.mitre.org/groups/G1022) is a sophisticated threat group that has been active since at least 2020 using custom loaders and malware in multi-stage infection chains against government and military targets across Europe and Asia.(Citation: Kaspersky ToddyCat June 2022)(Citation: Kaspersky ToddyCat Check Logs October 2023)

Source: MITRE ATT&CK

Activity timeline

No activity events recorded.

Profile

CVERiskCVSSEPSSPublishedProducts
No attributed CVEs.

Mitigating controls (NIST 800-53)

ControlTechniques coveredCoverage
SI-424 / 3863%
CM-619 / 3850%
AC-218 / 3847%
AC-618 / 3847%
AC-317 / 3845%
CM-216 / 3842%
CM-716 / 3842%
SI-316 / 3842%
AC-511 / 3829%
CA-711 / 3829%
CM-511 / 3829%
IA-211 / 3829%
RA-510 / 3826%
SC-710 / 3826%
SI-109 / 3824%

Co-occurring actors

None.

Similar actors

Similar TTPs