Security News > 2023 > March > Data loss prevention company hacked by Tick cyberespionage group

Data loss prevention company hacked by Tick cyberespionage group
2023-03-15 11:10

ESET researchers have uncovered a compromise of an East Asian data loss prevention company.

The attackers utilized at least three malware families during the intrusion, compromising both the internal update servers and third-party tools utilized by the company.

The customer portfolio of the DLP company includes government and military entities, making the compromised company an especially attractive target for an APT group such as Tick.

The initial attack happened in March 2021, and ESET notified the company of the compromise.

Since trojanized installers were transferred via remote support software, ESET Research hypothesizes that this took place while the DLP company was providing technical support.

The attackers also compromised two internal update servers, which delivered malicious updates for the software developed by this DLP company on two occasions to machines inside the network of the DLP company.


News URL

https://www.helpnetsecurity.com/2023/03/15/data-loss-prevention-company-hacked-by-tick-cyberespionage-group/