A report by The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) has revealed that the Chinese government is leveraging TAIDOOR malware to launch remote access trojan attacks. Taidoor is installed on a target’s system as a service dynamic link library (DLL) and is comprised of two files. The first file is a loader, which is started as a service. The loader decrypts the second file, and executes it in memory, which is the main Remote Access Trojan (RAT). Watch this video to see how Deep Instinct successfully detects the attack and prevents it from launching.