Bad backdoor found in server software used by financial institutions
Software security used globally by banks, energy firms and pharmaceutical manufacturers had a backdoor surreptitiously added by an advanced attacker that allowed a full takeover of target networks. Kaspersky Lab researchers published a report on Tuesday warning about the backdoor, called ShadowPad, that impacted products sold by NetSarang, a software company headquartered in the United States and South Korea. The backdoor was active from July 17 to August 4 when it was sniffed out by Kaspersky researchers who found suspicious DNS requests in a Hong Kong financial institution using NetSarang’s software. News of ShadowPad comes on the heels of June’s NotPetya outbreak. A backdoor in the Ukranian tax software M.E.Doc allowed attackers to push malware to victims through the software’s update feature, outlining how backdoored supply-chain attacks can lead to weaponized updates. Kaspersky pointed to other attacks similar to ShadowPad including the 2013’s WinNTi malware and 2015’s PlugX Trojan. “ShadowPad is an example of how dangerous […]
The post Bad backdoor found in server software used by financial institutions appeared first on Cyberscoop.
Continue reading Bad backdoor found in server software used by financial institutions