Skip to main content

Hackers use VPN provider's code certificate to sign malware


 








The China-aligned APT (advanced persistent threat) group known as 'Bronze Starlight' was seen targeting the Southeast Asian gambling industry with malware signed using a valid certificate used by the Ivacy VPN provider.


The main benefit of using a valid certificate is to bypass security measures, avoid raising suspicions with system alerts, and blend in with legitimate software and traffic.


According to SentinelLabs, which analyzed the campaign, the certificate belongs to PMG PTE LTD, a Singaporean vendor of the VPN product 'Ivacy VPN.'


The cyberattacks observed in March 2023 are likely a later phase of the 'Operation ChattyGoblin' that ESET identified in a Q4 2022 – Q1 2023 report.


However, SentinelLabs says it's challenging to associate with specific clusters due to the extensive sharing of tools between Chinese threat actors.


DLL side-loading


The attacks begin with dropping .NET executables (agentupdate_plugins.exe and AdventureQuest.exe) on the target system, likely via trojanized chat apps, that fetch password-protected ZIP archives from Alibaba buckets.


The AdventureQuest.exe malware sample was first found by security researcher MalwareHunterteam in May when they noted that the code-signing certificate was the same as one used for official Ivacy VPN installers.

Comments

Post a Comment

Popular posts from this blog

HTML and CSS course: Master Guide from Beginner to Advanced 2023

 Page Contents [hide] 1 Description: 2 Introduction to HTML and CSS course: Building Blocks of the Web 3 Why Learn HTML and CSS course in 2023? 4 Getting Started: Your First HTML Document 5 Styling Your Webpage: Introduction to CSS 6 Creating a Navigation Bar: Putting Theory into Practice 7 Building Layouts with CSS Grid: Design Freedom 8 Responsive Design: Crafting Websites for All Devices 9 Enhancing User Experience: CSS Transitions and Animations 10 Advanced CSS: Flex Your Design Muscles 11 Creating Forms: Interactivity and User Input HTML and CSS course 12 Optimizing for Performance: Faster Loading, Better Experience 13 Conclusion: Your HTML and CSS course Journey Continues 14 Ready to Begin Your HTML and CSS Course Journey? Enroll Now! 15 Exploring Advanced CSS Techniques 16 Mastering CSS Frameworks 17 The Future of Web Development: CSS Grid and Flexbox 18 The Rise of CSS-in-JS 19 Designing for Accessibility with CSS 20 CSS Art: Pushing Boundaries and Unleashing Creativity 21 ...
Post a Comment
Read more

Python Testing with pytest + Selenium | Master in testing 2023

 Page Contents [hide] 1 Introduction : 2 Python Testing: An Unveiling of Significance: 3 Empowering Testing with pytest: 4 Harnessing the Power of Selenium: 5 Highlights of the Course: 6 Target Audience for the Course: 7 Prerequisites for Course Engagement: 8 The Advantages of Python Testing: 9 In Conclusion: Introduction : In the fast-paced and technologically advanced landscape of today’s digital world, the reliability, functionality, and user experience of software applications hold the key to business success. Software testing, a pivotal process in the software development life cycle, ensures that applications meet stringent quality standards and deliver seamless performance. In this context, Python has emerged as a powerful and versatile programming language that not only aids in application development but also plays a crucial role in software testing. By leveraging the capabilities of pytest and Selenium, Python testing has solidified its position as a preferred choice for t...
Post a Comment
Read more

HTML/CSS Full course TUTORIALS

*READ AND FAMILIARIZE YOURSELF WITH THE INSTRUCTIONS*  πŸ‘‡πŸ‘‡πŸ‘‡πŸ‘‡ *Good day everyone!* *I want to officially welcome you to the BEGINNERS' PRACTICAL ROOM BATCH 93 for WEBSITE DESIGN in June in the year 2023. Many are called but few are chosen.* *πŸ‘‰Need we let you know that this training is packaged by OGtech Networks Ltd.* *This is one out of many batches of digital literacy program being conducted every now and then across all social media channels. As such it is a privilege that you made it here.* *πŸ‘‰ This training is FREE for a month and your commitment is of utmost importance. You may have interest but showing no commitment will make learning difficult.* *πŸ‘‰ Never make mockery of learning no matter how simple it is. We are here to empower you. Do well to empower yourself.* *πŸ‘‰ Understanding comes by full concentration and practice void of distractions. Hence, the need for locking the group.* *πŸ‘‰ We shall be making use of teaching materials (Visual & Audio recordings) from our...
Post a Comment
Read more