#dll-side-loading

[ follow ]
#apt28 #outlook-vba-backdoor #data-exfiltration #quirkyloader #email-spam-campaigns #process-hollowing
Information security
fromThe Hacker News
3 weeks ago

Russian APT28 Deploys "NotDoor" Outlook Backdoor Against Companies in NATO Countries

APT28 deployed an Outlook VBA backdoor called NotDoor that monitors emails for a trigger to exfiltrate data, upload files, execute commands, and persist via DLL side-loading.
Information security
fromThe Hacker News
1 month ago

Hackers Using New QuirkyLoader Malware to Spread Agent Tesla, AsyncRAT and Snake Keylogger

QuirkyLoader is a .NET AOT-compiled DLL loader used in email spam campaigns to deliver information stealers and RATs via DLL side-loading and process hollowing.
[ Load more ]