ESET researchers have uncovered a compromise of an East Asian data-loss prevention (DLP) company. During the intrusion, the attackers deployed at least three malware families and compromised internal update servers and third-party tools used by the affected company. As a result, two customers of the company were subsequently compromised. ESET attributes the campaign with high confidence to the Tick APT group. Based on Tick’s profile, the objective of the attack was most likely cyberespionage. The customer portfolio of the DLP Company includes government and military entities, making the compromised company an especially attractive target for an APT group such as Tick. “The attackers compromised the DLP Company’s internal update servers to deliver malware inside the software developer’s network, and trojanised installers of legitimate third-party tools used by the company, which eventually resulted in the execution of malware on the computers of its customers,” says ESET researcher Facundo Muñoz, who discovered Tick’s latest operation.