Kaspersky Lab discovered attackers were able to modify the NetSarang software update process to include a malware tracked as ShadowPad backdoor.
Software update mechanism could be an efficient attack vector, news of the day is that hackers compromised the update process for a popular server management software package developed by NetSarang.
Attackers were able to modify the software update process last month and modified it to include a backdoor tracked as ShadowPad, that affected at least one victim’s machine in Hong Kong.
NetSarang Computer, Inc. provides secure connectivity solutions and specializes in the development of server management tools for large corporate networks in many industries, including financial services, energy, retail, technology, and media.
Full Article.