#StormBamboo Compromises #ISP to Abuse Insecure #Software #Update Mechanisms
The #infection vector for this malware was initially difficult to establish but later proved to be the result of a #DNS poisoning attack at the internet service provider (ISP) level. Volexity determined that StormBamboo was altering DNS query responses for specific #domains tied to automatic software update mechanisms. StormBamboo appeared to target software that used insecure update mechanisms, such as #HTTP, and did not properly validate digital signatures of installers.
#news #security #cybersecurity #malware #internet #cyberwar #cybercrime #danger #web
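A defender-side check for the DNS tampering described above, added here as an example and not taken from Volexity or the original post: it compares logged resolver answers for update hostnames against a baseline of expected networks. The log format, hostnames and address ranges are constructed placeholders.

```python
import ipaddress

# Constructed baseline: networks each update hostname is expected to resolve into.
# Hostnames and ranges are placeholders (documentation ranges), not real vendor data.
BASELINE = {
    "updates.vendor-a.example": ["198.51.100.0/24"],
    "dl.vendor-b.example": ["203.0.113.0/25"],
}

# Constructed resolver log, assumed format: "<timestamp> <resolver> <qname> <rtype> <answer>"
SAMPLE_LOG = """\
2024-08-01T10:00:01Z isp-resolver updates.vendor-a.example A 198.51.100.17
2024-08-01T10:00:05Z isp-resolver dl.vendor-b.example A 203.0.113.200
2024-08-01T10:00:09Z isp-resolver www.unrelated.example A 192.0.2.10
2024-08-01T10:01:12Z isp-resolver updates.vendor-a.example A 192.0.2.66
2024-08-01T10:01:30Z isp-resolver updates.vendor-a.example CNAME cdn.vendor-a.example.
malformed line
"""

def parse_line(line):
    """Split one log line into fields; return None if it does not match the format."""
    parts = line.split()
    if len(parts) != 5:
        return None
    ts, resolver, qname, rtype, answer = parts
    return ts, resolver, qname.rstrip(".").lower(), rtype.upper(), answer

def find_unexpected_answers(log_text, baseline):
    """Return (timestamp, resolver, hostname, address) for answers outside the baseline."""
    nets = {h: [ipaddress.ip_network(n) for n in ns] for h, ns in baseline.items()}
    findings = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue  # skip lines that are not in the assumed format
        ts, resolver, qname, rtype, answer = rec
        # Only address records for monitored update hostnames are checked.
        if qname not in nets or rtype not in ("A", "AAAA"):
            continue
        try:
            addr = ipaddress.ip_address(answer)
        except ValueError:
            continue  # answer field is not an IP address
        if not any(addr in net for net in nets[qname]):
            findings.append((ts, resolver, qname, answer))
    return findings

if __name__ == "__main__":
    for finding in find_unexpected_answers(SAMPLE_LOG, BASELINE):
        print("unexpected answer:", *finding)
```

An unexpected answer is a lead to investigate, since CDN-hosted update domains legitimately change addresses and the baseline has to be maintained. The check does not replace updaters fetching over HTTPS and validating installer signatures.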