Chinese hackers hijacked an ISP software update to spread malware


Windows and macOS machines alike have been hit by malware after notorious Chinese hacker group StormBamboo used a compromised internet service provider (ISP) to target organizations with poisoned DNS responses.

StormBamboo used altered DNS query responses tied to automatic update mechanisms to target organizations that used insecure update mechanisms that did not properly validate the digital signatures. The organizations’ applications would then search for updates, but instead of retrieving the update from the official site, they would instead download malware.

Read more…
Source: MSN News


Sign up for our Newsletter


Related:

  • NSA Advocates Data Sharing Framework

    June 23, 2017

    The economics of cybersecurity are skewed in favor of attackers, who invest once and can launch thousands of attacks with a piece of malware or exploit kit. That’s why Neal Ziring, technical director for the NSA’s Capabilities Directorate, wants to flip the financial equation on bad guys. “We need to conduct defenses in a way that ...