- cross-posted to:
- technology@lemmy.zip
- cross-posted to:
- technology@lemmy.zip
Suspected China-state hackers used update infrastructure to deliver backdoored version.
You must log in or register to comment.
If only they told us the IOC so the title can actually be followed up on
https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/
Rapid 7 has some at the bottom of this article.
It would be nice if there were a test that yhose of us unskilled in pc jargon could run to check all this stuff. A lot of people likely hit by this are familiar with little more than clicking an icon.
Direct link to the indicators of compromise that you can check on
The update system hoster determined the compromise was only used against specific targets, so it’s relatively unlikely “normal people” would have been compromised. But if you want to check, you can check on those indicators. These only cover what was discovered on identified compromise, though.
