QBot's New Campaign Uses WordPad For Windows 10 As An Infection Vector
QBot malware has been spotted to abuse a DLL hijacking vulnerability in the Windows 10 WordPad to infect targeted devices. Since WordPad is legitimate software, the attack is a lot harder to detect. The DLL hijacking technique is performed by creating a malicious DLL of the same name as a legitimate one and then placing it in the same folder next to the executable file causing the harmful DLL to launch right after the executable. Read more...