Palo Alto Networks


PlugX Uses Legitimate Samsung Application for DLL Side-Loading

While threat actors using the PlugX Trojan typically leverage legitimate executables to load their malicious DLLs through a technique called DLL side-loading, Unit 42 has observed a new executable in use for this purpose. Threat actors are now using this previously unseen executable, created by Samsung, to load variants of the PlugX Trojan.

Using our AutoFocus threat intelligence service, we have flagged these variants to help users identify related attacks....

May 01, 2015
