
A newly discovered Chinese advanced persistent threat (APT) operation, PlushDaemon, has targeted organizations across East Asia with the SlowStepper malware, including a semiconductor firm and a software development company in South Korea and others in China and Japan, according to The Hacker News. The cyberespionage intrusion involved a malicious installer for the South Korean VPN provider IPany.
Executing the trojanized installer, which took the place of IPany’s legitimate one following a supply chain attack by PlushDaemon in 2023, triggers deployment of a loader along with another DLL, eventually resulting in SlowStepper running, an analysis from ESET revealed. SlowStepper supports commands enabling extensive system information theft, file deletion, Python module execution, and self-deletion. “The numerous components in the PlushDaemon toolset, and its rich version history, show that, while previously unknown, this China-aligned APT group has been operating diligently to develop a wide array of tools, making it a significant threat to watch for,” said ESET.