Security News > 2025 > January > PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
2025-01-22 08:49
A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. "The attackers replaced the legitimate installer with one that also deployed the group's signature implant that we have named SlowStepper – a
News URL
https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html
Related news
- China-aligned PlushDaemon APT compromises supply chain of Korean VPN (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- Supply chain attack hits Chrome extensions, could expose millions (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
- Massive brute force attack uses 2.8 million IPs to target VPN devices (source)
- North Korea targets crypto developers via NPM supply chain attack (source)
- SonicWall firewalls now under attack: Patch ASAP or risk intrusion via your SSL VPN (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)