by Symantec researchersShow offThe hacker group Winnti hacked into the networks of Hong Kong government agencies for a year. The hackers used different variants of the Spyder Loader backdoor to target their targets. In the early stages of infection, Spyder Loader loads AES-encrypted blocks of data to create the next stage payload, wlbsctrl.dll. The attackers also deploy Mimikatz, a malicious program that steals passwords, to dig deeper into the victim’s network. The researchers believe that the main goal of the attackers is to gather intelligence.
