all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

China-backed Hackers Hijack Software Updates to Implant "NSPX30" Spyware

Add to bookmarks
Jan. 25, 2024, 10:08 a.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A previously undocumented China-aligned threat actor has been linked to a set of adversary-in-the-middle (AitM) attacks that hijack update requests from legitimate software to deliver a sophisticated implant named NSPX30.
Slovak cybersecurity firm ESET is tracking the advanced persistent threat (APT) group under the name Blackwood. It's said to be active since at least 2018.
The NSPX30

actor advanced advanced persistent threat adversary adversary-in-the-middle aitm apt attacks china cybersecurity eset hackers hijack implant name persistent persistent threat requests software software updates spyware threat threat actor tracking under undocumented update updates

Visit resource

More from thehackernews.com / The Hacker News

New Guide: How to Scale Your vCISO Services Profitably an hour ago | thehackernews.com
access business can ciso +18
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery an hour ago | thehackernews.com
authentication authentication bypass botnet bypass +27
Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover 6 hours ago | thehackernews.com
accounts actor administrator attackers +18
A SaaS Security Challenge: Getting Permissions All in One Place 22 hours ago | thehackernews.com
access all in apps base +16
New Spectre-Style 'Pathfinder' Attack Targets Intel CPU, Leak Encryption Keys and Data 22 hours ago | thehackernews.com
academics advanced advanced encryption aes +30
The Fundamentals of Cloud Security Stress Testing 1 day, 1 hour ago | thehackernews.com
assets attackers cloud cloud security +17
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version 1 day, 1 hour ago | thehackernews.com
aim analysis anti-analysis bypass +19
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites 1 day, 5 hours ago | thehackernews.com
accounts actively exploited admin bogus +25
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator 1 day, 20 hours ago | thehackernews.com
addition administrator agency crime +17

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Enterprise Threat Intel Analyst

@ Resource Management Concepts, Inc. | Quantico, Virginia, United States
View on infosec-jobs.com

IT Security Engineer III

@ Mitsubishi Heavy Industries | Houston, TX, US, 77046
View on infosec-jobs.com

Cyber Intelligence Vice President, Threat Intelligence

@ JPMorgan Chase & Co. | Singapore, Singapore
View on infosec-jobs.com

Assistant Manager, Digital Forensics

@ Interpath Advisory | Manchester, England, United Kingdom
View on infosec-jobs.com

Tier 3 - Forensic Analyst, SME

@ Resource Management Concepts, Inc. | Quantico, Virginia, United States
View on infosec-jobs.com

Incident Response, SME

@ Resource Management Concepts, Inc. | Quantico, Virginia, United States
View on infosec-jobs.com
View more jobs