GuptiMiner: Hijacking Antivirus Updates to Deploy Backdoors and Cryptocurrency Miners
GuptiMiner, a sophisticated malware campaign, exploited vulnerabilities in the update mechanism of eScan antivirus software to distribute backdoors and cryptocurrency miners. The attackers, possibly tied to the North Korean APT group Kimsuky, performed a man-in-the-middle attack to replace legitimate updates …