URL has been copied successfully!
Hackers Abuse VMware-Signed Binary to Deploy NIGHTFORGE Loader
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Hackers Abuse VMware-Signed Binary to Deploy NIGHTFORGE Loader


Tags: , , , ,

Two closely related espionage campaigns targeting Cambodian government organizations that abuse a legitimate VMware-signed binary to sideload a custom loader dubbed NIGHTFORGE, which in turn deploys a Havoc Demon implant in memory. TRU attributes both operations to a previously unreported cluster it calls Khmer Shadow, based on targeting, lure construction and shared infrastructure; the activity […] The post Hackers Abuse VMware-Signed Binary to Deploy NIGHTFORGE Loader appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/hackers-abuse-vmware-signed-binary/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Chinese State Hackers Use New BRICKSTORM Malware Against VMware Systems
  2. China-Linked Hackers Launch Targeted Espionage Campaign on African IT Infrastructure
  3. RedNovember Hackers Targeting Government and Tech Organizations to Install Backdoor
  4. Chinese hackers are using everyday devices to hack UK firms, warns watchdog