APT41's New Malware UNAPIMON Unveiled: Stealthy Cyber Espionage Threat
April 3, 2024
Cybersecurity firm Trend Micro has uncovered a new malware named UNAPIMON, which is linked to the advanced Chinese hacking group APT41, also known as Winnti.
APT41 is a state-backed entity engaged in both cyberespionage and financially driven cyberattacks, affecting a wide range of sectors internationally.
UNAPIMON is written in C++ and delivered as a DLL. It uses Microsoft Detours to evade detection by interfering with critical API functions in child processes.
The malware is used by Earth Freybug, an actor associated with APT41, to circumvent Windows API monitoring, thereby avoiding discovery by antivirus systems.
Earth Freybug's activities include cyber espionage, supply chain attacks, and theft of trade secrets and intellectual property, targeting the US, Asia, governments, and critical infrastructure.
APT41 has been operational since at least 2012 and has faced charges from the US government for its involvement in widespread cyberattacks.
The emergence of UNAPIMON highlights the need for organizations to bolster their defenses against sophisticated cyber threats posed by groups like APT41.
Summary based on 3 sources
Sources
BleepingComputer • Apr 2, 2024
Winnti's new UNAPIMON tool hides malware from security software
The Hacker News • Apr 2, 2024
China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations
Dark Reading • Apr 2, 2024
China-Linked Threat Actor Taps 'Peculiar' Malware to Evade Detection