According to Microsoft, a cyberespionage group is exploiting an obscure Windows OS feature known as “hot patching” as an advanced persistent threat technique to cloak backdoors it has created in the systems and networks of government agencies and telecommunications companies in Asia and Southeast Asia.
The group, called Platinum by Microsoft researchers, has gained persistent access to the networks of companies it targeted and victimized over a long period without being detected. Spear phishing is the primary way the group gains initial network access, targeting an individual’s personal account as a way to get inside corporate networks.