Info Stealing Campaign Uses DLL Sideloading Through Legitimate Cisco Webex’s Binaries for Initial Execution and Defense Evasion
released on 2024-06-20 @ 12:18:57 PM
In March 2024, researchers at the Trellix Advanced Research Center uncovered a sophisticated and evasive attack campaign targeting users in Latin America and Asia Pacific through trojanized copies of the Cisco Webex Meetings App. The campaign employed a stealthy malware loader known as HijackLoader and an information-stealing module identified as Vidar Stealer to siphon off credentials and sensitive data, remaining undetected by leveraging legitimate processes.