
Asian Nation-State hackers use fileless RAT for their hacking campaign

  • April 22, 2016

Jasper_The_Rasper
Moderator
April 22, 2016  By Pierluigi Paganini
 
 

State-sponsored actors in Asia have been leveraging a fileless RAT for their hacking campaigns in order to avoid detection.

 
Security experts from SentinelOne spotted nation-state actors in Asia running espionage campaigns relying on a fileless Remote Access Trojan. The state-sponsored hackers were injecting the RAT payload directly into the memory of the target host in order to avoid detection by security solutions.
 
“Recently we detected a more sophisticated technique that a handful of countries across Asia are actively using to infect systems with RATs. This new technique ensures that the payload/file remains in memory through its execution, never touching the disk in a de-encrypted state.” reads the blog post published by SentinelOne.
 
“In doing so, the attacker can remain out of view from antivirus technologies, and even ‘next-generation’ technologies that only focus on file-based threat vectors.”
 
Full Article
 
More information on NanoCore here

1 reply

Baldrick
Gold VIP
  • April 22, 2016
Why is this surprising...I would have thought that they might well try using ransomware tactics...after all...as far as hackers and miscreants go...whether private or state sponsored...anything goes to achieve their nefarious ends.
