According to K7 Security Labs, unknown threat actors are responsible for the attack that uses the Windows error reporting tool WerFault.exe to deploy malware by using a DLL sideloading technique.
This is done to avoid detection on the breached systems since a legitimate Windows executable is used.
The threat actors behind the campaign aren't identified, but it is believed they base in China.
