Security News > 2025 > January > PlushDaemon APT Targets South Korean VPN Provider in Supply Chain Attack
2025-01-22 08:49
A previously undocumented China-aligned advanced persistent threat (APT) group named PlushDaemon has been linked to a supply chain attack targeting a South Korean virtual private network (VPN) provider in 2023, according to new findings from ESET. "The attackers replaced the legitimate installer with one that also deployed the group's signature implant that we have named SlowStepper – a
News URL
https://thehackernews.com/2025/01/plushdaemon-apt-targets-south-korean.html
Related news
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
- China-Linked Silk Typhoon Expands Cyber Attacks to IT Supply Chains for Initial Access (source)
- Ransomware gang creates tool to automate VPN brute-force attacks (source)
- GitHub supply chain attack spills secrets from 23,000 projects (source)
- Supply chain attack on popular GitHub Action exposes CI/CD secrets (source)
- Google acquisition target Wiz links fresh supply chain attack to 23K pwned GitHub repos (source)
- GitHub Action hack likely led to another in cascading supply chain attack (source)
- GitHub Action supply chain attack exposed secrets in 218 repos (source)
- Coinbase Initially Targeted in GitHub Actions Supply Chain Attack; 218 Repositories' CI/CD Secrets Exposed (source)