Advertisement
Top
image credit: Pixabay

Blackwood APT delivers malware by hijacking legitimate software update requests

January 25, 2024

Via: Help Net Security
Category:

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood.

Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. It leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant.

ESET mapped the evolution of NSPX30 back to an earlier ancestor – a simple backdoor they have named Project Wood. The oldest sample found was compiled in 2005.

Read More on Help Net Security

RELATED PUBLICATIONS

North Korean Hackers Hijack Antivirus Updates for Malware Delivery
Dangerous ICS Malware Targets Orgs in Russia and Ukraine
Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!