QBot's New Campaign Uses WordPad For Windows 10 As An Infection Vector
QBot malware has been spotted to abuse a DLL hijacking vulnerability in the Windows 10 WordPad to infect targeted devices.
Since WordPad is legitimate software, the attack is a lot harder to detect.
The DLL hijacking technique is performed by creating a malicious DLL of the same name as a legitimate one and then placing it in the same folder next to the executable file causing the harmful DLL to launch right after the executable.
Read more...