Techly NewsGet the app

Get the latest tech news

How Chinese Attackers Breached an ISP to Poison Insecure Software Updates with Malware


An anonymous reader shared this report from BleepingComputer: A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Also tracked as Evasive Panda, Daggerfly, and StormCloud, this cyber-espionag...

An anonymous reader shared this report from BleepingComputer: A Chinese hacking group tracked as StormBamboo has compromised an undisclosed internet service provider (ISP) to poison automatic software updates with malware. Volexity's blog post says they observed StormBamboo "targeting multiple software vendors, who use insecure update workflows..." and then "notified and worked with the ISP, who investigated various key devices providing traffic-routing services on their network. BleepingComputer notes that "âAfter compromising the target's systems, the threat actors installed a malicious Google Chrome extension (ReloadText), which allowed them to harvest and steal browser cookies and mail data."

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Chinese

Chinese

Photo of malware

malware

Photo of insecure

insecure

Related news:

News photo

Hackers breach ISP to poison software updates with malware

News photo

U.S. Manufacturing Advocates Praise a Bipartisan Senate Bill Blocking Chinese Companies From Domestic Tax Credits

News photo

Suspected Chinese Hackers Hit Taiwanese Research Center

« Zuckerberg and Jensen show off their friendship, while an AI necklace covets yours
Hack and payback Instagram scammer gets nabbed after bragging about it on a podcast »