Security News > 2025 > January > China-aligned PlushDaemon APT compromises supply chain of Korean VPN
ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage campaign, the attackers compromised the legitimate installer, replacing it with a malicious version that deployed the group’s custom backdoor, SlowStepper. This sophisticated backdoor boasts a toolkit with over 30 components. Since at least 2019, PlushDaemon has conducted espionage operations against individuals and organizations in China, Taiwan, Hong Kong, … More → The post China-aligned PlushDaemon APT compromises supply chain of Korean VPN appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/01/22/plushdaemon-apt-slowstepper-supply-chain-compromise/
Related news
- PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack (source)
- NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise (source)
- Solana’s popular web3.js library backdoored in supply chain compromise (source)
- Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia (source)