PlushDaemon
‘PlushDaemon’ hackers hijack software updates in supply-chain attacks
A China-linked threat actor tracked as ‘PlushDaemon’ is hijacking software update traffic using a new implant called EdgeStepper in cyberespionage operations. Since 2018, PlushDaemon hackers have targeted individuals and organizations in the United States, China, Taiwan, Hong Kong, South Korea, and New Zealand with custom malware, such as the SlowStepper backdoor. PlushDaemon has compromised electronics manufacturers, universities, […]
IPany VPN breached in supply-chain attack to push custom malware
South Korean VPN provider IPany was breached in a supply chain attack by the “PlushDaemon” China-aligned hacking group, who compromised the company’s VPN installer to deploy the custom ‘SlowStepper’ malware. The hackers managed to infiltrate IPany’s development platform and insert its custom ‘SlowStepper’ backdoor on its installer (‘IPanyVPNsetup.exe’), which infected customer systems when the VPN was […]