Stealthy Attack: Dual Injection Undermines Chrome’s App-Bound Encryption

Key Takeaways Cyble Research and Intelligence Labs (CRIL) identified malware being spread via a ZIP file containing an .LNK file disguised as a PDF and an XML project file masquerading as a PNG to trick users into opening it. The filename suggests that the malware is likely targeting organizations in Vietnam, particularly in the Telemarketing or Sales sectors. The LNK file creates a scheduled task that runs every 15 minutes, executing MSBuild.exe to deploy malicious C# code. The malware is capab