{"id":139798,"date":"2022-05-25T03:22:28","date_gmt":"2022-05-25T08:22:28","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2022\/05\/trend-micro-fixes-bug-chinese-hackers-exploited-for-espionage"},"modified":"2022-05-25T03:22:28","modified_gmt":"2022-05-25T08:22:28","slug":"trend-micro-fixes-bug-chinese-hackers-exploited-for-espionage","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2022\/05\/trend-micro-fixes-bug-chinese-hackers-exploited-for-espionage","title":{"rendered":"Trend Micro fixes bug Chinese hackers exploited for espionage"},"content":{"rendered":"<p>Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLs and deploy malware.<\/p>\n<p>As Sentinel Labs revealed in <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/chinese-cyber-espionage-group-moshen-dragon-targets-asian-telcos\/\" target=\"_blank\">an early-May report<\/a>, the attackers exploited the fact that security products run with high privileges on Windows to plant and load their own maliciously crafted DLL into memory, allowing them to elevate privileges and execute code.<\/p>\n<p>\u201cTrend Micro is aware of some research that was published on May 2, 2022, regarding a purported Central-Asian-based threat actor dubbed \u2018Moshen Dragon\u2019 that had deployed malware clusters that attempted to hijack various popular security products, including one from Trend Micro,\u201d the cybersecurity company said.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Trend Micro says it patched a DLL hijacking flaw in Trend Micro Security used by a Chinese threat group to side-load malicious DLLs and deploy malware. 
As Sentinel Labs revealed in an early-May report, the attackers exploited the fact that security products run with high privileges on Windows to plant and load their own maliciously [\u2026]<\/p>\n","protected":false},"author":396,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-139798","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/139798","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/396"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=139798"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/139798\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=139798"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=139798"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=139798"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}