Security News > 2025 > January > China-aligned PlushDaemon APT compromises supply chain of Korean VPN

ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage campaign, the attackers compromised the legitimate installer, replacing it with a malicious version that deployed the group’s custom backdoor, SlowStepper. This sophisticated backdoor boasts a toolkit with over 30 components. Since at least 2019, PlushDaemon has conducted espionage operations against individuals and organizations in China, Taiwan, Hong Kong, … More → The post China-aligned PlushDaemon APT compromises supply chain of Korean VPN appeared first on Help Net Security.

News URL

https://www.helpnetsecurity.com/2025/01/22/plushdaemon-apt-slowstepper-supply-chain-compromise/