Supply chain, Threat Intelligence

Over 25K systems exposed by adware app to supply chain compromise

A 3D rendering shows a chain of binary code links breaking apart, symbolizing a data breach or cybersecurity vulnerability.

Highly aggressive Dragon Boss Solutions-distributed adware has inadvertently exposed over 25,000 systems around the world due to an unsecured software update channel that could have been taken over to issue malicious updates for only about $10, according to Cybernews.

Malicious actors have harnessed the misconfigured update path to facilitate a multi-stage attack chain, with the signed software enabling the clandestine retrieval and execution of antivirus-killing payloads with SYSTEM privileges, a report from Huntress revealed. After sinkholing a pair of exposed domains, one of which has been integrated into the adware's infrastructure, Huntress researchers discovered attempted communications with illicit infrastructure from 23,565 IP addresses.

Nearly 54% of hosts compromised in the attack were in the U.S., with France, Canada, the UK, and Germany having the next highest number of infected hosts. Additional findings showed infections across 245 North American, European, and Asian educational entities, 41 operational technology networks, 35 government organizations, and three healthcare institutions.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds