Security News > 2020 > August > Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack
Threat actors exploited a vulnerability in the popular 3D computer graphics Autodesk software in order to launch a recent cyber-espionage attack against an international architectural and video production company.
Researchers said that further analysis of the attack points to a sophisticated, APT-style group that had prior knowledge of the company's security systems and used software applications, carefully planning their attack to infiltrate the company and exfiltrate data undetected.
The hallmark of the attack is its use of a malicious plugin for Autodesk 3ds Max, a computer graphics program used by engineering, architecture or gaming organizations for making 3D animations, which is developed by Autodesk Media and Entertainment.
In reality, the plugin is a variant of a MAXScript exploit of Autodesk 3ds Max, which is called "PhysXPluginMfx."
Autodesk for its part issued an advisory for the flaw earlier in August: "Autodesk recommends 3ds Max users download the latest version of Security Tools for Autodesk 3ds Max 2021-2015SP1 available in the Autodesk App Store to identify and remove the PhysXPluginMfx MAXScript malware," according to the company.
News URL
https://threatpost.com/hackers-exploit-autodesk-flaw-in-recent-cyberespionage-attack/158669/
Related news
- North Korean govt hackers linked to Play ransomware attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Hackers increasingly use Winos4.0 post-exploitation kit in attacks (source)
- New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)