Legitimate software update mechanism abused to deliver wiper malware

ESET researchers analyzed a supply-chain attack abusing the software update mechanism of an Israeli ISV in order to deploy a wiper on target organizations in the diamond industry.

Impact

Organizations in Israel, South Africa and Hong Kong were compromised, according to ESET, who also said the campaign lasted less than three hours, with the ISV pushing out clean updates within hours of the attack.

Type of compromise

While ESET assesses that the Fantasy wiper was deployed using the ISV’s legitimate software update mechanism, it’s unclear from the report whether this involved code signing, which is why we classify this compromise in the Publishing infrastructure category.

References

  1. Fantasy – a new Agrius wiper deployed through a supply-chain attack (ESET)