APT StormBamboo compromised an undisclosed internet service provider (ISP) to poison DNS queries and thus deliver malware to target organizations, Volexity researchers have shared.

Malware delivery via automatic software updates

StormBamboo (aka Evasive Panda, aka StormCloud), a Chinese-speaking threat actor that focuses on cyberespionage, has a penchant for compromising third parties to breach intended targets. In April 2023, ESET researchers documented the threat actor targeting an international NGO in China with malicious updates, but weren’t …
The post Chinese hackers compromised an ISP to deliver malicious software updates appeared first on Help Net Security.