PANews August 4 news, according to Slow Fog Chief Information Security Officer 23pds quoting an article from Genians, the North Korean-linked hacker organization APT37 is hiding malware within JPEG image files to launch attacks. This malware uses a two-stage encryption shellcode injection method to hinder analysis, and the attacker utilizes shortcut files with the .lnk extension to embed Cmd or PowerShell commands to execute the attack. Efficient EDR monitoring optimized for abnormal endpoint behavior detection is now crucial.
View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
Slow fog: The hacker organization APT37 is hiding malware in JPEG image files to launch attacks.
PANews August 4 news, according to Slow Fog Chief Information Security Officer 23pds quoting an article from Genians, the North Korean-linked hacker organization APT37 is hiding malware within JPEG image files to launch attacks. This malware uses a two-stage encryption shellcode injection method to hinder analysis, and the attacker utilizes shortcut files with the .lnk extension to embed Cmd or PowerShell commands to execute the attack. Efficient EDR monitoring optimized for abnormal endpoint behavior detection is now crucial.