Chinese hacking group Evasive Panda compromises an internet service provider, using DNS poisoning to carry out supply chain attacks
Payment Updates · 2024-08-06

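Researchers have disclosed the latest wave of attacks by the Chinese hacking group Evasive Panda. Notably, the attackers first launched a DNS poisoning attack against an internet service provider (ISP), then went after insecure software update mechanisms.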

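This is not, however, the first time Volexity has disclosed attackers using DNS poisoning to gain access to a target network environment. In May of last year, the researchers published details of an attack campaign involving the CatchDNS malware. That incident was the work of DriftingBamboo, a hacking group linked to Evasive Panda, and at the time the attackers implanted malware on Sophos XG firewalls.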

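Regarding this incident, the researchers noted that Evasive Panda targeted multiple software vendors that use insecure update mechanisms (such as the media player 5KPlayer), then used DNS poisoning to tamper with specific configuration files, so that the victim computer believes a new software version is available and downloads malware from the attackers' server. On Windows computers, MgBot is implanted by way of a PNG image file; on macOS computers, malware named Macma is downloaded. The researchers specifically noted clear similarities between the code of Macma and Gimmick. This finding overlaps with Symantec's inference that the attackers build multiple malware families from the same code library.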
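The chain described above depends on two conditions meeting: an updater that fetches its configuration without transport protection, and a DNS answer that points the update hostname somewhere new. The following is an added defender-side example, not code from Volexity or from this article; the hostnames, IP ranges and event format are constructed placeholders for whatever proxy and DNS telemetry is available.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed baseline: networks each update host normally resolves into.
# Names and ranges are reserved documentation values, not real vendor data.
EXPECTED = {"update.player.example": [ipaddress.ip_network("198.51.100.0/24")]}

# Constructed telemetry: (client, update URL requested, IP the name resolved to).
EVENTS = [
    ("ws-01", "https://update.player.example/manifest.xml", "198.51.100.10"),
    ("ws-02", "http://update.player.example/manifest.xml", "198.51.100.10"),
    ("mac-07", "http://update.player.example/manifest.xml", "203.0.113.66"),
    ("ws-03", "http://cdn.other.example/app.cfg", "192.0.2.5"),
]

def assess(url, resolved_ip):
    """Return the findings for one update check."""
    parts = urlsplit(url)
    findings = []
    if parts.scheme != "https":
        # Without TLS, whoever answers at the resolved IP can serve a tampered config.
        findings.append("plaintext-update")
    nets = EXPECTED.get(parts.hostname)
    if nets is None:
        findings.append("no-baseline")
    elif not any(ipaddress.ip_address(resolved_ip) in n for n in nets):
        findings.append("unexpected-resolution")
    return findings

def triage(events):
    """Return (client, severity, findings) for every event with a finding."""
    out = []
    for client, url, ip in events:
        findings = assess(url, ip)
        if not findings:
            continue
        # Both conditions together match the pattern in the article.
        high = {"plaintext-update", "unexpected-resolution"} <= set(findings)
        out.append((client, "high" if high else "medium", findings))
    return out

if __name__ == "__main__":
    for row in triage(EVENTS):
        print(row)
```

An unexpected resolution is a lead rather than proof, since CDNs change addresses; confirm it against the answer from a resolver on a different network path before escalating.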

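Once the attackers have successfully deployed malware, follow-on activity may take place. The researchers observed one Mac computer implanted with a malicious Chrome extension, ReloadText, which was used to steal browser profile settings and mail data.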
