New APT hacking group leverages ‘KilllSomeOne’ DLL side-loading


A new Chinese advanced persistent threat (APT) group making the rounds performs DLL side-loading attacks that include the phrase “KilllSomeOne.”

According to Sophos researcher Gabor Szappanos, the group — suspected to be of Chinese origin — is targeting corporate organizations in Myanmar using poorly written English messages relating to political subjects.

Side-loading utilizes DLL spoofing to abuse legitimate Windows processes and execute malicious code. While nothing new, Sophos said in a blog post on Wednesday that this APT combines four separate types of side-loading attack when carrying out targeted campaigns.

Source: ZDNet