PlugX Uses Legitimate Samsung Application for DLL Side-Loading
While threat actors using the PlugX Trojan typically leverage legitimate executables to load their malicious DLLs through a technique called DLL side-loading, Unit 42 has observed a new executable in use for this purpose. Threat actors are now using this previously unseen executable, created by Samsung, to load variants of the PlugX Trojan.
Using our AutoFocus threat intelligence service, we have flagged these variants to help users identify related attacks....