Security News > 2024 > July > South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware

South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware
2024-07-03 03:33

An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the


News URL

https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html