In an attack carried out in March 2023, the hackers exploited a bug in the MagicLine4NX security authentication software for initial access and a zero-day issue in a network-linked system for lateral movement.
When the intended victim accessed the article from a machine running the vulnerable software, the malicious code executed and the threat actors gained remote control over the system. Next, the attackers exploited a network-linked system vulnerability and infected business-side systems, to steal information.
The cyber actors initially employed a watering-hole attack to secure target groups, and conducted additional attacks on specific targets. The compromise of one supply chain led to the infection of another supply chain, which was a targeted attack against a specific target.
[
add
]
[
|
|
...
]