PlushDaemon APT Targets IPanyVPN in Supply Chain Attack
🦠 Newly Discovered APT Group PlushDaemon Executes Supply Chain Attack on South Korean VPN.

ESET researchers have identified a cyberespionage campaign linked to PlushDaemon, a previously undocumented China-aligned advanced persistent threat (APT) group. The campaign involved a supply chain attack on the IPany VPN provider, in which attackers replaced the legitimate VPN installer with a malicious version that deployed the SlowStepper backdoor.

This sophisticated malware, designed for long-term espionage, includes over 30 components for various malicious operations and has targeted individuals and organizations across multiple regions, including South Korea, the U.S., and New Zealand.

The incident underscores the risks of supply chain vulnerabilities and the need for organizations to verify the authenticity of software downloads.
