#1 Trusted Cybersecurity News Platform
Followed by 5.20+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

DLL Side Loading | Breaking Cybersecurity News | The Hacker News

Category — DLL Side Loading
Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Chinese and Russian Hackers Using SILKLOADER Malware to Evade Detection

Mar 16, 2023 Cyber Threat Intelligence
Threat activity clusters affiliated with the Chinese and Russian cybercriminal ecosystems have been observed using a new piece of malware that's designed to load Cobalt Strike onto infected machines. Dubbed  SILKLOADER  by Finnish cybersecurity company WithSecure, the malware leverages  DLL side-loading techniques  to deliver the commercial adversary simulation software. The development comes as  improved detection capabilities  against Cobalt Strike, a legitimate post-exploitation tool used for red team operations, is forcing threat actors to  seek alternative options  or concoct new ways to propagate the framework to evade detection. "The most common of these include adding complexity to the auto-generated beacon or stager payloads via the utilization of packers, crypters, loaders, or similar techniques," WithSecure researchers  said . SILKLOADER joins other loaders such as KoboldLoader, MagnetLoader, and LithiumLoader that have been...
Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

Worok Hackers Abuse Dropbox API to Exfiltrate Data via Backdoor Hidden in Images

Nov 14, 2022
A recently discovered cyber espionage group dubbed  Worok  has been found hiding malware in seemingly innocuous image files, corroborating a crucial link in the threat actor's infection chain. Czech cybersecurity firm Avast said the purpose of the PNG files is to conceal a payload that's used to facilitate information theft. "What is noteworthy is data collection from victims' machines using Dropbox repository, as well as attackers using Dropbox API for communication with the final stage," the company  said . The development comes a little over two months after ESET disclosed details of attacks carried out by  Worok  against high-profile companies and local governments located in Asia and Africa. Worok is believed to share tactical overlaps with a Chinese threat actor tracked as  TA428 . The Slovak cybersecurity company also documented Worok's compromise sequence, which makes use of a C++-based loader called CLRLoad to pave the way for an unknown Pow...
cyber security

10 Steps to Microsoft 365 Cyber Resilience

websiteVeeamCyber Resilience / Data Security
75% of organizations get hit by cyberattacks, and most report getting hit more than once. Read this ebook to learn 10 steps to take to build a more proactive approach to securing your organization's Microsoft 365 data from cyberattacks and ensuring cyber resilience.
Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks

Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks

Sep 13, 2022
Government and state-owned organizations in a number of Asian countries have been targeted by a distinct group of espionage hackers as part of an intelligence gathering mission that has been underway since early 2021. "A notable feature of these attacks is that the attackers leveraged a wide range of legitimate software packages in order to load their malware payloads using a technique known as  DLL side-loading ," the Symantec Threat Hunter team, part of Broadcom Software,  said  in a report shared with The Hacker News. The campaign is said to be exclusively geared towards government institutions related to finance, aerospace, and defense, as well as state-owned media, IT, and telecom firms.  Dynamic-link library (DLL) side-loading is a popular cyberattack method that leverages how Microsoft Windows applications handle DLL files. In these intrusions, a spoofed malicious DLL is planted in the Windows Side-by-Side ( WinSxS ) directory so that the operating system ...
cyber security

The Ultimate Guide to SaaS Identity Security in 2025

websiteWing SecuritySaaS Security / Identity Threat Detection
Discover how to protect your SaaS apps from identity-based breaches with this expert 2025 guide—learn practical steps to secure every account and keep your data safe.
Expert Insights / Articles Videos
Cybersecurity Resources