COM (Component Object Model) hijacking is a technique in which threat actors exploit the core architecture of Windows by adding a new value on a specific registry key related to the COM object.
This allows the threat actors to achieve both persistence and privilege escalation on target systems. However, several malware families have been found to be utilizing this technique to abuse COM objects.
Several samples of these kinds of malware have been discovered by researchers at VirusTotal since 2023. According to the reports shared with Cyber Security News, threat actors also abused several COM objects for persistent access to the compromised systems. Read More..