Security News > 2025 > February > Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks
2025-02-18 15:09
The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.exe,
News URL
https://thehackernews.com/2025/02/chinese-hackers-exploit-mavinjectexe-to.html
Related news
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- Ransomware gangs exploit Paragon Partition Manager bug in BYOVD attacks (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)