Attackers Backdoor Another Software Update Mechanism

itman · Aug 15, 2017

It's not just "something in the water" in the Ukraine .................

Attackers infiltrated the update mechanism for a popular server management software package as recently as last month and modified it to include a backdoor.

NetSarang, which has headquarters in South Korea and the United States, has removed the backdoored update, but not before it was activated on at least one victim’s machine in Hong Kong. Some of its customers include large enterprises operating in a number of industries, including financial services, energy, retail, technology, media and more.

Researchers at Kaspersky Lab today said they privately disclosed this issue to the provider in July after finding suspicious DNS requests on a customer’s network in the financial services space. The requests were found on systems used to process transactions, Kaspersky Lab said.
Click to expand...

https://threatpost.com/attackers-backdoor-another-software-update-mechanism/127452/

Rasheed187 · Aug 16, 2017

Seems to be a sophisticated attack. Like I said, even trusted tools should be monitored for suspicious behavior.

Log in or Sign up

Attackers Backdoor Another Software Update Mechanism

itman Registered Member

Rasheed187 Registered Member

Log in or Sign up

Attackers Backdoor Another Software Update Mechanism

itman Registered Member

Rasheed187 Registered Member

Useful Searches