Is this related? (Score: 0)
It seems like a similar story, but it doesn't look like exactly the same thing.
https://www.androidpolice.com/hackers-vlc-malware/ [androidpolice.com]
Re: Is this related? (Score: 1)
According to the article [bleepingcomputer.com] that PCMatic gives as a related link,
Brigid O Gorman of Symantec Threat Hunter Team told BleepingComputer that the attacker uses a clean version of VLC with a malicious DLL file in the same path as the media player's export functions.
The technique is known as DLL side-loading and it is widely used by threat actors to load malware into legitimate processes to hide the malicious activity.
I think it is the same as the vulnerability in Notepad++ exploited by the CIA (if a DLL is placed in the same location as the exe, it gets loaded) [security.srad.jp].
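A defender-side triage check for the side-loading pattern discussed in this thread, added here as an example that is not part of any comment or of the linked articles. The inventory format (path plus Authenticode signer), the function name and all sample paths and signer names are assumptions constructed for illustration.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

# Constructed inventory of (path, Authenticode signer or None); not data from the thread.
SAMPLE_INVENTORY = [
    (r"C:\Tools\player\player.exe", "Example Media Org"),
    (r"C:\Tools\player\libcore.dll", "Example Media Org"),
    (r"C:\Tools\player\libplugin.dll", None),
    (r"C:\Tools\player\version.dll", None),
    (r"C:\Windows\System32\version.dll", "Microsoft Windows"),
]

def find_sideload_candidates(inventory, system_dir=r"C:\Windows\System32"):
    """Return sorted (dll_path, reasons) for DLLs next to an EXE that deserve review."""
    sys_dir = PureWindowsPath(system_dir)
    by_dir = defaultdict(list)
    for path, signer in inventory:
        p = PureWindowsPath(path)  # compares and hashes case-insensitively
        by_dir[p.parent].append((p, signer))

    # DLL names that legitimately live in the system directory.
    system_names = {p.name.lower() for p, _ in by_dir.get(sys_dir, [])
                    if p.suffix.lower() == ".dll"}

    findings = []
    for directory, files in by_dir.items():
        if directory == sys_dir:
            continue
        exe_signers = {s for p, s in files if p.suffix.lower() == ".exe"}
        if not exe_signers:
            continue  # only folders that contain an EXE are in scope
        for p, signer in files:
            if p.suffix.lower() != ".dll":
                continue
            reasons = []
            # The application directory is searched before the system directory,
            # so a same-named local copy is loaded instead (KnownDLLs excepted).
            if p.name.lower() in system_names:
                reasons.append("shadows a system DLL name")
            if signer is None:
                reasons.append("unsigned")
            elif signer not in exe_signers:
                reasons.append("signer differs from host EXE")
            if reasons:
                findings.append((str(p), reasons))
    return sorted(findings)
```

A hit is a triage signal rather than proof of compromise, since legitimate software also ships unsigned or third-party DLLs beside its executable.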