Common Information
Type | Value |
---|---|
Value | Process Injection - T1631 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may inject code into processes in order to evade process-based defenses or even elevate privileges. Process injection is a method of executing arbitrary code in the address space of a separate live process. Running code in the context of another process may allow access to the process's memory, system/network resources, and possibly elevated privileges. Execution via process injection may also evade detection from security products since the execution is masked under a legitimate process. Both Android and iOS have no legitimate way to achieve process injection. The only way this is possible is by abusing existing root access or exploiting a vulnerability. |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2025-03-20 | 13 | Fake CAPTCHA PDFs Spread Lumma Stealer via Webflow, GoDaddy, and Other Domains: A Deep Dive into the Campaign - CyberSRC | ||
Details | Website | 2025-03-20 | 8 | Leaking Passwords | ||
Details | Website | 2025-03-19 | 37 | Emulating the Sophisticated Chinese Adversary Salt Typhoon | ||
Details | Website | 2025-03-18 | 5 | Cobalt Strike 4.11 Released with Built-In Evasion Features for Red Teams | ||
Details | Website | 2025-03-18 | 75 | Operation AkaiRyū: MirrorFace invites Europe to Expo 2025 and revives ANEL backdoor | ||
Details | Website | 2025-03-17 | 35 | What Is The New Steganographic Campaign Distributing Multiple Malware | ||
Details | Website | 2025-03-17 | 31 | New Steganographic Campaign Distributing Multiple Malware Variants | ||
Details | Website | 2025-03-13 | 3 | Red Report 2025: Unmasking a 3X Spike in Credential Theft and Debunking the AI Hype | ||
Details | Website | 2025-03-12 | 48 | Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers | ||
Details | Website | 2025-03-12 | 3 | Chinese Hackers Implant Backdoor Malware on Juniper Routers | ||
Details | Website | 2025-03-12 | 23 | Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers \| Google Cloud Blog | ||
Details | Website | 2025-03-11 | 1 | MITRE ATT&CK T1055.015 Process Injection: ListPlanting | ||
Details | Website | 2025-03-10 | 3 | Ragnar Loader Used by Multiple Ransomware Groups to Bypass Detection | ||
Details | Website | 2025-03-10 | 1 | MITRE ATT&CK T1055.014 Process Injection: VDSO Hijacking | ||
Details | Website | 2025-03-08 | 12 | Threat Campaign Alert: EByte Ransomware — A New Threat Utilizing ChaCha20 and ECIES Encryption… | ||
Details | Website | 2025-03-07 | 0 | The Ultimate 2025 Guide to Securing a Job in Red Teaming 👨‍💻. | ||
Details | Website | 2025-03-07 | 0 | Cybercriminals Impersonate DeepSeek to Spread Malware, Targeting Chinese Users | ||
Details | Website | 2025-03-07 | 11 | MITRE ATT&CK T1055.013 Process Injection: Process Doppelgänging | ||
Details | Website | 2025-03-06 | 12 | Ghostly Hollowing — probably the most bizarre Windows process injection technique I know | ||
Details | Website | 2025-03-06 | 4 | MITRE ATT&CK T1055.005 Process Injection: Thread Local Storage | ||
Details | Website | 2025-03-06 | 71 | Malvertising campaign leads to info stealers hosted on GitHub \| Microsoft Security Blog | ||
Details | Website | 2025-03-05 | 3 | We’re losing — but it can’t get any worse, right? | ||
Details | Website | 2025-03-05 | 8 | Defend Your Enterprise Against the Infostealer Epidemic | ||
Details | Website | 2025-03-05 | 134 | Satori Threat Intelligence Disruption: BADBOX 2.0 Targets Consumer Devices with Multiple Fraud Schemes - HUMAN Security | ||
Details | Website | 2025-03-05 | 7 | MITRE ATT&CK T1055.003 Process Injection: Thread Execution Hijacking |