A new Chinese advanced persistent threat (APT) group making the rounds carries out DLL side-loading attacks that include the phrase “KilllSomeOne.”
According to Sophos researcher Gabor Szappanos, the group, suspected to be of Chinese origin, is targeting corporate organizations in Myanmar using poorly written English messages relating to political subjects.
Side-loading utilizes DLL spoofing to abuse legitimate Windows processes and execute malicious code. While the technique is nothing new, Sophos said in a blog post on Wednesday that this APT combines four separate types of side-loading attack when carrying out targeted campaigns.
Source: ZDNet
