Dragon Breath APT Uses Double DLL Sideloading Tactic

05-May-23

Experts at Sophos have noticed a new trend in which APT hacking groups like Dragon Breath, Golden Eye Dog, or APT-Q-27 are adopting a number of intricate versions of the traditional DLL sideloading technique to elude detection.

The organisation is thought to focus on online gambling and its users. These actors employed numerous situations in which the second-stage application is swapped out for additional clean applications because they enjoyed the two-clean-apps scenario so much.

Read More…