August 16, 2017 By Catalin Cimpanu
A group with possible links to Chinese hackers has managed to break into the servers of NetSarang — a South Korean software maker — and has hidden a backdoor in the company's software packages.
According to Kaspersky Lab researchers, who spotted the backdoor in NetSarang applications last month, attackers published backdoored apps that were signed with a legitimate NetSarang certificate.
This discovery has led researchers to believe that attackers either took the company's legitimate apps and patched the software to add the backdoor trojan, or they managed to breach NetSarang's software build servers, where they added the backdoor to the source code itself and generated new app builds.
The hackers then replaced the legitimate NetSarang software packages with trojanized versions on the company's official download servers.
Full Article.
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.