Security News > 2025 > February > Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
2025-02-18 15:09
The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,
News URL
https://thehackernews.com/2025/02/chinese-hackers-exploit-mavinjectexe-to.html
Related news
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Chinese Hackers Abuse IPv6 SLAAC for AitM Attacks via Spellbinder Lateral Movement Tool (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
- Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)