Techly NewsGet the app

Get the latest tech news

Mac and Windows Users Infected By Software Updates Delivered Over Hacked ISP


An anonymous reader quotes a report from Ars Technica: Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said. The attack, researchers from security firm Volexit...

The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system responses for legitimate hostnames providing updates for at least six different apps written for Windows or macOS. As an example, the 5KPlayer app uses an unsecure HTTP connection rather than an encrypted HTTPS one to check if an update is available and, if so, to download a configuration file named Youtube.config.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Mac

Mac

Photo of Windows

Windows

Photo of users

users

Related news:

News photo

Users call on Microsoft to update Outlook's friendly name feature

News photo

Mac and Windows users infected by software updates delivered over hacked ISP

News photo

Design Flaw Has Microsoft Authenticator Overwriting MFA Accounts, Locking Users Out

« The Google TV Streamer might be the Apple TV 4K rival we’ve been waiting for
Gemini intelligence is coming to Google Home »