A Chinese state-sponsored APT group is using EggStreme, a sophisticated, multi-stage fileless malware framework, for espionage and data theft. The framework operates in memory, relies on DLL sideloading, and includes a full-featured backdoor with keylogging capabilities, giving the operators persistent access and extensive reconnaissance of compromised hosts. EggStreme demonstrates advanced evasion techniques and resilient command-and-control infrastructure.
Latest mentioned: 09-10
Earliest mentioned: 09-10