ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group, which they dubbed Blackwood. Blackwood has carried out cyberespionage operations against individuals and companies from China, Japan, and the United Kingdom. It leverages adversary-in-the-middle techniques to hijack update requests from legitimate software to deliver the implant. ESET mapped the evolution of NSPX30 back to an earlier ancestor – a simple backdoor they have named Project Wood. The oldest sample found … More
The post Blackwood APT delivers malware by hijacking legitimate software update requests appeared first on Help Net Security.
