- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Suspected China-state hackers used update infrastructure to deliver backdoored version.
You must log in or # to comment.
Direct link to the indicators of compromise that you can check on
The update system hoster determined the compromise was only used against specific targets, so it’s relatively unlikely “normal people” would have been compromised. But if you want to check, you can check on those indicators. These only cover what was discovered on identified compromise, though.
It would be nice if there were a test that yhose of us unskilled in pc jargon could run to check all this stuff. A lot of people likely hit by this are familiar with little more than clicking an icon.
If only they told us the IOC so the title can actually be followed up on
https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/
Rapid 7 has some at the bottom of this article.
