Attackers infiltrated the update mechanism for a popular server management software package as recently as last month and modified it to include a backdoor.
NetSarang, which has headquarters in South Korea and the United States, has removed the backdoored update, but not before it was activated on at least one victim’s machine in Hong Kong. Some of its customers include large enterprises operating in a number of industries, including financial services, energy, retail, technology, media and more.
Full Article.