Symantec identified Whitefly as the group responsible for an attack on Singapore organization SingHealth last July that resulted in the theft of 1.5 million patient records. Whitefly has been using a combination of custom malware, open source tools, and living-off-the-land tactics in its attacks. Most of the victims have been Singapore-based companies, but a handful of multinational firms with operations in the country have been affected as well. The group has been does this using a well-documented technique known as search-order hijacking or DLL load-order attacks.”]