Security News > 2025 > January > China-aligned PlushDaemon APT compromises supply chain of Korean VPN
ESET researchers have uncovered a supply chain attack targeting a South Korean VPN provider, carried out by PlushDaemon, a newly identified China-aligned APT group. In this cyberespionage campaign, the attackers compromised the legitimate installer, replacing it with a malicious version that deployed the group’s custom backdoor, SlowStepper. This sophisticated backdoor boasts a toolkit with over 30 components. Since at least 2019, PlushDaemon has conducted espionage operations against individuals and organizations in China, Taiwan, Hong Kong, … More → The post China-aligned PlushDaemon APT compromises supply chain of Korean VPN appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/01/22/plushdaemon-apt-slowstepper-supply-chain-compromise/
Related news
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- CISA Warns of Active Exploitation in GitHub Action Supply Chain Compromise (source)
- China-Linked APT Aquatic Panda: 10-Month Campaign, 7 Global Targets, 5 Malware Families (source)
- China-linked FamousSparrow APT group resurfaces with enhanced capabilities (source)