A sophisticated new malware/trojan attack is designed to steal login credentials and credit card information from payment systems, banks and crypto exchanges. This attack tricks legitimate business applications into running compromised but innocent-looking dynamic link library (DLL) files — making it very difficult to detect and block.
DLL sideloading is a technique used by cybercriminals to execute malicious code on a target system by exploiting the way Windows loads dynamic link libraries (DLLs). This blog explores how Check Point’s advanced Threat Emulation engines, part of Infinity ThreatCloud AI, detected and prevented a DLL Sideloading attack on one of our customers.