Source |
The Hacker News |
Identifier |
8333977 |
Publication date |
2023-05-06 16:54:00 (viewed: 2023-05-06 13:07:06) |
Title |
Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry |
Text |
An advanced persistent threat (APT) actor known as Dragon Breath has been observed adding new layers of complexity to its attacks by adopting a novel DLL side-loading mechanism.
"The attack is based on a classic side-loading attack, consisting of a clean application, a malicious loader, and an encrypted payload, with various modifications made to these components over time," Sophos researcher |
Sent |
Yes |
Tags |
Threat
|
Stories |
|
Rating |
★★★
|