Hackers Target Chinese Gamers With Microsoft-Signed Rootkit

Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools.

Related Keywords

China ,Chinese ,Mahmoud Zohdy ,Sherif Magdy ,Cisco Talos ,Mohamed Fahmy ,Microsoft Partner Center ,Microsoft ,Trend Micro ,Sophos ,Windows Defender ,Last December ,Microsoft Signed Windows ,Windows Socket Kernel ,Domain Generating Algorithm ,