China’s Evasive Panda Attacks ISP to Send Malicious Software Updates

August 5, 2024 at 03:03PM

Researchers have uncovered a China-linked APT group’s attack on an ISP, employing DNS poisoning to compromise software update mechanisms. This enabled the delivery of Macma backdoor variants and post-exploitation malware, exfiltrating sensitive data from affected networks. The APT group, known as Evasive Panda, used DNS manipulation to conduct the attacks, …

Hackers breach ISP to poison software updates with malware

August 3, 2024 at 03:41PM

The Chinese hacking group StormBamboo, also known as Evasive Panda, Daggerfly, and StormCloud, has compromised an internet service provider to inject malware into automatic software updates, targeting organizations across various countries. They exploited insecure HTTP software update mechanisms, deploying malware onto victims’ devices without user interaction. They also targeted software …