Cybersecurity firm ESET is tracking a previously undisclosed threat actor, Blackwood, presumed to be China-aligned. Blackwood has been linked to adversary-in-the-middle (AitM) attacks using an implant named NSPX30 to hijack update requests of legitimate software, like Tencent QQ and WPS Office. Active since 2018, the entity targets Chinese and Japanese manufacturing, trading, and engineering companies, plus individuals in China, Japan, and the UK. NSPX30 enables packet interception, hiding the attackers’ infrastructure.
FBI Deletes PlugX Malware from 4,250 Hacked Computers in Multi-Month Operation
The FBI has deleted PlugX malware from more than 4,250 infected computers as part of a US Department of Justice-approved multi-month operation. PlugX, controlled by
