skip to content
Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.

Read the latest edition

IPany VPN Experiences Supply Chain Attack, Malware Deployed

/ 1 min read

🌀 South Korean VPN provider IPany suffers supply chain attack by PlushDaemon hackers. The hacking group compromised IPany’s VPN installer, deploying the custom ‘SlowStepper’ malware that infected customer systems upon installation. ESET researchers revealed that the attack affected various companies, including a South Korean semiconductor firm, with the first signs of infection traced back to November 2023 in Japan. The malicious installer, downloaded from IPany’s website, not only installed the legitimate VPN but also embedded harmful files that allowed extensive data collection and espionage capabilities. Although the malicious installer has been removed, users who downloaded the VPN between November 2023 and May 2024 are advised to take action to clean their systems.

Source
{entry.data.source.title}
Original