PlugX Uses Legitimate Samsung Application for DLL Side-Loading
released on 2015-05-02 @ 11:48:03 AM
Threat actors using the PlugX Trojan typically leverage legitimate executables to load their malicious DLLs, a technique called DLL side-loading. Unit 42 has observed a new executable in use for this purpose: threat actors are now using this previously unseen executable, created by Samsung, to load variants of the PlugX Trojan.