Tag

Earth Freybug

All articles tagged with #earth freybug

cybersecurity | 1 year ago

"UNAPIMON: China-Linked Hackers' Latest Stealthy Malware Deployment"

China-linked cyber espionage group APT41, also known as Earth Freybug, has been observed using a new malware called UNAPIMON to target organizations across different countries. The malware, designed to evade detection, is deployed through a series of steps involving legitimate executables and DLL injection, ultimately turning infected systems into backdoors for espionage and financially motivated activities. The group's use of evolving techniques highlights the effectiveness of even simple methods when applied correctly, posing challenges for detection and defense.

cybersecurity | 1 year ago

"UNAPIMON: Earth Freybug's Key Tool for Unhooking Critical APIs"

Earth Freybug, a cyberthreat group, has been found using dynamic-link library (DLL) hijacking and application programming interface (API) unhooking techniques through a new malware called UNAPIMON. These defense evasion techniques prevent child processes from being monitored, allowing malicious activities to go undetected. The attack demonstrates the group's evolving methods and the effectiveness of simple yet creative techniques, highlighting the need for vigilance against both advanced and overlooked tactics in cybersecurity.