Cyberattack Exploits Software Update Process

Friday May 5th 2017 by Developer.com Staff
Share:

The WilySupply cyberespionage campaign delivered malware alongside software updates.

Microsoft is warning software developers and their customers about a cyberespionage campaign that delivers malware when enterprises update their applications. Called WilySupply, the campaign makes use of open source penetration tools like Evil Grade and Meterpreter and installs an "unsigned, low-prevalence executable" alongside legitimate software updates. "The downloaded executable turned out to be a malicious binary that launched PowerShell scripts bundled with the Meterpreter reverse shell, which granted the remote attacker silent control. The binary is detected by Microsoft as Rivit," Microsoft explained.

According to the company, several technology and financial organizations have fallen victim to the attack, and the software developer was also a target.

View article

Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved