Security News > 2024 > July > South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware
2024-07-03 03:33
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it to a known threat actor or group, but noted that the tactics overlap with that of Andariel, a sub-cluster within the
News URL
https://thehackernews.com/2024/07/south-korean-erp-vendors-server-hacked.html
Related news
- Outlaw Group Uses SSH Brute-Force to Deploy Cryptojacking Malware on Linux Servers (source)
- OPSEC Failure Exposes Coquettte’s Malware Campaigns on Bulletproof Hosting Servers (source)
- Police detains Smokeloader malware customers, seizes servers (source)
- Oracle says "obsolete servers" hacked, denies cloud breach (source)