A nation-state actor known for cyber espionage campaigns since 2012 is now using coin miner techniques to stay under the radar and establish persistence on victim systems. Microsoft’s Microsoft 365 Defender Threat Intelligence Team said the group deployed Monero coin miners in attacks that targeted both the private sector and government institutions in France and Vietnam between July and August earlier this year. The primary victims of the attack have been traced to state-owned enterprises in Vietnam and entities with ties to a Vietnamese government agency. A separate technique involved the use of DLL side-loading, wherein a legitimate library is replaced with a malicious variant, utilizing outdated versions of legitimate software.
Source: https://thehackernews.com/2020/12/nation-state-hackers-caught-hiding.html