A newly identified malware strain built for covert, long-term access to compromised systems has been documented in recent security research.
Dubbed PDFSIDER by Resecurity, the threat is delivered through Dynamic-Link Library (DLL) side-loading and is engineered to install an encrypted backdoor while evading endpoint detection mechanisms.
The Resecurity researchers described the malware as exhibiting hallmarks of advanced persistent threat (APT) operations. Its design combines stealthy execution, secure communications and anti-analysis checks, placing it closer to cyber-espionage tooling than commodity malware.
Infection Chain And Stealthy Execution
The campaign begins with spear-phishing emails that contain a ZIP archive. Inside is a legitimate, digitally signed…