Security researchers discover China-linked malware used to infiltrate Philippine military company (businessinsights.bitdefender.com)
from Hotznplotzn@lemmy.sdf.org to cybersecurity@infosec.pub on 15 Sep 10:04
https://lemmy.sdf.org/post/42301967

cross-posted from: lemmy.sdf.org/post/42301965

Archived

A Chinese APT group compromised a Philippine military company using a new, fileless malware framework called EggStreme. This multi-stage toolset achieves persistent, low-profile espionage by injecting malicious code directly into memory and leveraging DLL sideloading to execute payloads. The core component, EggStremeAgent, is a full-featured backdoor that enables extensive system reconnaissance, lateral movement, and data theft via an injected keylogger.

[Edit typo.]

#cybersecurity
