Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

Chinese state-sponsored threat actor Mustang Panda, also known as Earth Preta, is using a new technique to evade detection in targeted cyber attacks. The group injects malicious payloads into legitimate processes using MAVInject.exe, a Microsoft utility, to bypass ESET antivirus detection. The malware, a variant of the TONESHELL backdoor, communicates with a command-and-control server for data exfiltration.
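One way to hunt for the MAVInject.exe abuse described above is to scan process-creation records for the utility being asked to load a DLL into a running process. This is an added example, not code from the article or from any vendor: the Sysmon-style field names, the `OriginalFileName` values, the expected `AppVClient.exe` parent and the sample events are assumptions or constructed for illustration.

```python
import ntpath
import re

# Names the utility ships under. Matching OriginalFileName as well (values
# assumed from the PE version info) keeps the check working on a renamed copy.
MAVINJECT_NAMES = {"mavinject.exe", "mavinject32.exe", "mavinject64.exe"}
# The App-V client is assumed to be the only expected parent of the utility.
EXPECTED_PARENTS = {"appvclient.exe"}
# Documented usage: mavinject.exe <PID> /INJECTRUNNING <path to DLL>
INJECT_RE = re.compile(r'(\d+)\s+/INJECTRUNNING\s+"?([^"]+?)"?\s*$', re.IGNORECASE)

# Constructed process-creation events (not taken from any real incident).
SAMPLE_EVENTS = [
    {"Image": r"C:\Windows\System32\mavinject.exe",
     "CommandLine": r"C:\Windows\System32\mavinject.exe 4172 /INJECTRUNNING C:\Users\Public\sample.dll",
     "ParentImage": r"C:\Users\Public\setup.exe"},
    {"Image": r"C:\ProgramData\helper.exe", "OriginalFileName": "mavinject32.exe",
     "CommandLine": r'C:\ProgramData\helper.exe 812 /INJECTRUNNING "C:\ProgramData\a b\x.dll"',
     "ParentImage": r"C:\Windows\System32\cmd.exe"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\Users\Public\readme.txt",
     "ParentImage": r"C:\Windows\explorer.exe"},
]

def base(path):
    """Lower-cased file name of a Windows path (empty string if missing)."""
    return ntpath.basename(path or "").lower()

def find_mavinject_injections(events):
    """Return one finding per event where MAVInject targets a running PID."""
    findings = []
    for ev in events:
        image = base(ev.get("Image"))
        original = (ev.get("OriginalFileName") or "").lower()
        if image not in MAVINJECT_NAMES and original not in MAVINJECT_NAMES:
            continue
        m = INJECT_RE.search(ev.get("CommandLine") or "")
        if not m:
            continue  # utility started without an injection request
        findings.append({
            "target_pid": int(m.group(1)),
            "dll": m.group(2),
            "renamed": image not in MAVINJECT_NAMES,
            "unexpected_parent": base(ev.get("ParentImage")) not in EXPECTED_PARENTS,
        })
    return findings
```

Findings with `unexpected_parent` or `renamed` set are the ones to triage first, together with the process that owns `target_pid` at the time of the event.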
