Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

2025-02-18 15:09
The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,
News URL
https://thehackernews.com/2025/02/chinese-hackers-exploit-mavinjectexe-to.html
Related news
- Chinese hackers targeted sanctions office in Treasury attack
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks
- Hackers exploit DoS flaw to disable Palo Alto Networks firewalls
- White House links ninth telecom breach to Chinese hackers
- Malware botnets exploit outdated D-Link routers in recent attacks
- Hackers exploit Four-Faith router flaw to open reverse shells
- Chinese APT Exploits BeyondTrust API Key to Access U.S. Treasury Systems and Documents
- New DoubleClickjacking attack exploits double-clicks to hijack accounts
- US sanctions Chinese company linked to Flax Typhoon hackers
- Chinese hackers also breached Charter and Windstream networks