cognitive cybersecurity intelligence

News and Analysis

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

Cybersecurity firm ESET is tracking a previously undisclosed threat actor, Blackwood, presumed to be China-aligned. Blackwood has been linked to adversary-in-the-middle (AitM) attacks using an implant named NSPX30 to hijack update requests of legitimate software, like Tencent QQ and WPS Office. Active since 2018, the entity targets Chinese and Japanese manufacturing, trading, and engineering companies, plus individuals in China, Japan, and the UK. NSPX30 enables packet interception, hiding the attackers’ infrastructure.

Source: thehackernews.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

News and Analysis

China-backed Hackers Hijack Software Updates to Implant “NSPX30” Spyware

Subscribe to newsletter

More Posts

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

Storm-2561 lures victims to spoofed VPN sites to harvest corporate logins – Security Affairs

FBI investigates Steam games with hidden malware – AOL.com

Journalists Talk Medicaid Work Mandate in Georgia and Wage Garnishment Bill in Colorado

Products

Solutions

Healthcare cybersecurity

Healthcare Threat Intelligence

Use Cases

News and Analysis

Insights

Company