Worok Cyberespionage Group Hides New Malware in PNG Files via LSB Encoding
While the method used to breach networks remains unknown, Avast believes that the Worok group likely uses DLL sideloading to execute the CLRLoader malware loader into memory.