Winnti’s new UNAPIMON tool hides malware from security software

April 2, 2024 at 06:01PM

The Chinese ‘Winnti’ hacking group used new malware, UNAPIMON, to run malicious processes undetected. This group, active since 2012, targets various organizations and was linked to a cyberespionage attack named ‘Earth Freybug.’ UNAPIMON uses DLL side-loading and unhooking API functions to evade detection, showcasing innovative and sophisticated tactics by …