PANews reported on August 4 that, according to 23pds, Chief Information Security Officer of SlowMist, citing a Genians article, the North Korea-linked hacker group APT37 is hiding malware in JPEG image files to launch attacks. The malware uses two-stage encrypted shellcode injection to hinder analysis; the attackers deliver it through .lnk shortcut files with embedded Cmd or PowerShell commands that execute the attack. Efficient EDR monitoring optimized for detecting abnormal endpoint behavior is now crucial.
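As an added defender-side example (not code from the Genians report, SlowMist or PANews), the triage check below walks a JPEG's marker structure to find the real end-of-image marker and reports how many bytes follow it; it assumes the hidden payload is appended after EOI, which the report does not state, and the sample JPEG bytes are constructed for the example.

```python
# Triage helper: count bytes that sit after a JPEG's structural end of image.
# A clean image has none; an image carrying an appended payload has many.
# Walking the segments matters because a naive rfind(b"\xff\xd9") is fooled
# whenever the appended blob itself contains the bytes FF D9.

def jpeg_trailing_bytes(data: bytes) -> int:
    """Return the number of bytes after the real EOI marker, or -1 if not a JPEG."""
    if len(data) < 4 or data[:2] != b"\xff\xd8":      # must start with SOI
        return -1
    n, pos = len(data), 2
    while pos + 1 < n:
        if data[pos] != 0xFF:                          # lost marker sync
            return -1
        marker = data[pos + 1]
        if marker == 0xFF:                             # fill byte before a marker
            pos += 1
            continue
        pos += 2
        if marker == 0xD9:                             # EOI: rest is trailing data
            return n - pos
        if marker in (0x01, 0xD8) or 0xD0 <= marker <= 0xD7:
            continue                                   # standalone markers, no length
        if pos + 2 > n:
            return -1
        seg_len = int.from_bytes(data[pos:pos + 2], "big")
        if seg_len < 2 or pos + seg_len > n:           # corrupt or truncated segment
            return -1
        pos += seg_len
        if marker == 0xDA:                             # SOS: skip entropy-coded data
            while pos + 1 < n:
                nxt = data[pos + 1]
                # FF00 is a stuffed zero and FFD0..FFD7 are restart markers; both
                # belong to the scan. Any other FFxx ends the entropy-coded segment.
                if data[pos] == 0xFF and nxt != 0x00 and not (0xD0 <= nxt <= 0xD7):
                    break
                pos += 1
    return -1                                          # ran out of data before EOI

# Constructed sample: SOI, APP0/JFIF, a one-component SOS with a stuffed FF00 and
# an RST0 marker inside the scan, then EOI. Not decodable, but structurally valid.
CLEAN_JPEG = (b"\xff\xd8"
              b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
              b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00"
              b"\x12\x34\xff\x00\x56\xff\xd0\x78"
              b"\xff\xd9")
# Same image with 30 bytes appended; the blob deliberately contains FF D9.
STAGED_JPEG = CLEAN_JPEG + b"\x31\xc0\xff\xd9" + b"\x00" * 20 + b"STAGE2"

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN_JPEG), ("staged", STAGED_JPEG)):
        print(f"{name}: {jpeg_trailing_bytes(blob)} trailing byte(s)")
```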
SlowMist: Hacker group APT37 hides malware in JPEG image files to launch attacks