Double DLL sideloading performed by APT operation

BleepingComputer reports that the advanced persistent threat operation Dragon Breath, also known as APT-Q-27 and Golden Eye Dog, has launched new attacks using different variations of double DLL sideloading against Chinese-speaking Windows users in China, Taiwan, Hong Kong, Japan, Singapore, and the Philippines. According to a report from Sophos, Dragon Breath has used trojanized Telegram, WhatsApp, and LetsVPN apps to sideload a second-stage payload, which in turn sideloads a malicious malware loader DLL.

Read full article on SC Magazine

 

