New PlugX Sample Evades Detection via Legitimate Windows Debugger Tool
06 March 2023
Trend Micro found a PlugX RAT sample masquerading as x32dbg, an open-source Windows debugger tool, in order to evade security controls and gain control over the target system. The attackers use DLL side-loading to execute malicious code through the debugger's DLLs, which lets them bypass security restrictions and escalate privileges.
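A defender can hunt for this pattern in image-load telemetry. The following is an added example, not code from Trend Micro or from this page: it scans Sysmon-style image-load records (Event ID 7 fields) for x32dbg.exe loading a module from its own directory that lacks a valid signature. The sample records, paths and DLL names are constructed placeholders.

```python
import ntpath

# Constructed Sysmon-style image-load records (Event ID 7 fields); not real telemetry.
SAMPLE_EVENTS = [
    {"Image": r"C:\Tools\x64dbg\release\x32\x32dbg.exe",
     "ImageLoaded": r"C:\Windows\System32\kernel32.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Users\Public\Updates\x32dbg.exe",
     "ImageLoaded": r"C:\Users\Public\Updates\placeholder_module.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
    {"Image": r"C:\Users\Public\Updates\X32DBG.EXE",
     "ImageLoaded": r"c:\users\public\updates\signed_helper.dll",
     "Signed": "true", "SignatureStatus": "Valid"},
    {"Image": r"C:\Program Files\Other\app.exe",
     "ImageLoaded": r"C:\Program Files\Other\plugin.dll",
     "Signed": "false", "SignatureStatus": "Unavailable"},
]


def is_validly_signed(event):
    """True only when the record reports a signature that also verified."""
    return (event.get("Signed", "").lower() == "true"
            and event.get("SignatureStatus", "").lower() == "valid")


def find_sideload_candidates(events, host_exe="x32dbg.exe"):
    """Return loads where host_exe pulled a not-validly-signed module
    from the directory it was started from (the side-loading search path)."""
    hits = []
    for ev in events:
        # normcase lowercases and unifies separators, so comparisons are
        # case-insensitive like the Windows file system.
        image = ntpath.normcase(ev["Image"])
        module = ntpath.normcase(ev["ImageLoaded"])
        if ntpath.basename(image) != host_exe.lower():
            continue
        same_dir = ntpath.dirname(image) == ntpath.dirname(module)
        if same_dir and not is_validly_signed(ev):
            hits.append(ev)
    return hits


if __name__ == "__main__":
    for hit in find_sideload_candidates(SAMPLE_EVENTS):
        print("review:", hit["Image"], "loaded", hit["ImageLoaded"])
```

A hit is a triage lead rather than a verdict: compare the flagged module's hash and the debugger's location against a known-good x32dbg install before escalating.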