An advanced continuous threat (ACT) group originating from China has been linked to the breach of a military enterprise based in the Philippines, employing a previously unrecorded fileless malware framework referred to as EggStreme.
“This multi-step toolkit enables ongoing, discreet espionage by inserting harmful code straight into memory and utilizing DLL sideloading to carry out payloads,” stated Bitdefender.