Displaying items by tag: supply chain attacks

Supply chain attacks are all the rage right now (although certainly not new). These attacks are part of what appears to be a multi-pronged shift in the threat landscape. While attacks on the endpoint and users are still happening, we are also seeing expanded efforts in targeting edge devices, networking equipment, and an increased focus on open-source repositories. Recently a new campaign was discovered that is leveraging open-sourced software supply chain attacks in an effort to target the banking sector.

As we hear more about Supply Chain attacks and the need for Software Build of Materials we are now hearing of an attack on the popular game, Minecraft. It seems that attackers are leveraging popular Modding platforms to push out information stealing malware (Fractureiser). They are accomplishing this by injecting malicious code into modifications that are then uploaded to different platforms. These are then downloaded and installed by unwary gamers.

TrendMicro made a shocking revelation at Black Hat Asia 2023 where they disclosed an operation that has been running since 2018 targeting Android devices. The scheme was uncovered in 2021 while researchers at TrendMicro were looking into SMS PVA (Phone Verified Accounts) mobile bot net. They identified that the botnet had been helped along by a supply chain attack targeting the image used by OEM to rapidly deploy the OS onto the devices.

Supply chain attacks are always a concern when it comes to device manufacture and distribution. If an attacker can compromise a part of the supply or management chain, they can affect a large part of the market with relatively minimal effort. The SolarWinds supply chain attack is a perfect example of this type of attack that successfully compromised multiple businesses with only one real “attack”. Now security researchers have disclosed a new group of vulnerabilities in PTC’s Axeda software that allow them to attack the devices after distribution.