Highly aggressive Dragon Boss Solutions-distributed adware has inadvertently exposed over 25,000 systems around the world due to an unsecured software update channel that could have been taken over to issue malicious updates for only about $10, according to Cybernews.Malicious actors have harnessed the misconfigured update path to facilitate a multi-stage attack chain, with the signed software enabling the clandestine retrieval and execution of antivirus-killing payloads with SYSTEM privileges, a report from Huntress revealed. After sinkholing a pair of exposed domains, one of which has been integrated into the adware's infrastructure, Huntress researchers discovered attempted communications with illicit infrastructure from 23,565 IP addresses.Nearly 54% of hosts compromised in the attack were in the U.S., with France, Canada, the UK, and Germany having the next highest number of infected hosts. Additional findings showed infections across 245 North American, European, and Asian educational entities, 41 operational technology networks, 35 government organizations, and three healthcare institutions.
Supply chain, Threat Intelligence
Over 25K systems exposed by adware app to supply chain compromise

(Adobe Stock)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



