Tag

API Unhooking

All articles tagged with #api unhooking

cybersecurity · 1 year ago

"UNAPIMON: Earth Freybug's Key Tool for Unhooking Critical APIs"

Earth Freybug, a cyberthreat group, has been found using dynamic-link library (DLL) hijacking and application programming interface (API) unhooking in a new malware called UNAPIMON. These defense evasion techniques prevent child processes from being monitored, allowing malicious activities to go undetected. The attack demonstrates the group's evolving methods and the effectiveness of simple yet creative techniques, highlighting the need for vigilance against both advanced and overlooked tactics in cybersecurity.