A group of cybercriminals, code-named PLATINUM by Microsoft's Windows Defender Advanced Threat Hunting Team, has “gone to great lengths” over many years “to develop covert techniques” so their cyber-espionage campaigns will evade detection, even using Windows's support for “hotpatching” against it, according to a blog post.
Although details about the PLATINUM team itself are scarce, Microsoft's threat hunters have learned a great deal about the techniques the group has used to exploit zero-day vulnerabilities as well as evasive measures such as using self-deleting malware.
The cybergang primarily aims its attacks at government organizations, defense groups, intelligence agencies, and telecommunication providers located in South and Southeast Asia, Microsoft said.
Read more PLATINUM gang exploited Microsoft 'hotpatching' support to mask activities
Although details about the PLATINUM team itself are scarce, Microsoft's threat hunters have learned a great deal about the techniques the group has used to exploit zero-day vulnerabilities as well as evasive measures such as using self-deleting malware.
The cybergang primarily aims its attacks at government organizations, defense groups, intelligence agencies, and telecommunication providers located in South and Southeast Asia, Microsoft said.
Read more PLATINUM gang exploited Microsoft 'hotpatching' support to mask activities
