close
close

Persistent malware WordDrone uses DLL Side-Loading to compromise Taiwan’s drone industry

Persistent malware WordDrone uses DLL Side-Loading to compromise Taiwan’s drone industry

A recent investigation by Acronis Threat Research Unit (TRU) has revealed a complex attack that used an old version of Microsoft Word as a conduit to install a persistent backdoor on infected systems.

WordDrone targets companies in Taiwan, especially those involved in the drone manufacturing industry. The investigation found that the malware was installed on systems of companies operating in Taiwan’s growing drone industry, which has seen significant government investment since 2022.