Hackers hijack antivirus updates to drop GuptiMiner malware
April 23, 2024 at 10:59AM North Korean hackers have exploited the eScan antivirus updating mechanism to plant backdoors on corporate networks. Using malware named GuptiMiner, they perform DNS requests, extract payloads, and exploit system-level privileges via eScan updates. The hackers have deployed various malware tools, including backdoors and a cryptocurrency miner. Avast researchers identified and … Read more