Hackers Target Chinese Gamers With Microsoft-Signed Rootkit

Kernel mode driver can download second-stage payload directly to memory, allowing threat actors to evade endpoint detection and response tools.