This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
05/14/2019
Bad Actors Using MitM Attacks against ASUS to Distribute Plead Backdoor
The State of Security
Researchers believe bad actors are using man-in-the-middle (MitM) attacks against ASUS software to distribute the Plead backdoor.
Near the end of April 2019, researchers at ESET observed several attack attempts that both created and executed the Plead backdoor using “AsusWSPanel.exe,” a legitimate process which belongs to the Windows client for the cloud-based storage service ASUS WebStorage developed by the ASUS Corporation. In fact, all Plead samples observed by ESET had the name “Asus Webstorage Upate.exe”
In their analysis of these attack attempts, the Slovakian security firm said it believes that one of two things might have happened. It proposed that ASUS might have suffered a supply chain attack. But ESET discounted this possibility based on three observations: the same update mechanism delivered legitimate ASUS WebStorage binaries, there’s no evidence of the ASUS WebStorage binaries having acted as C&C servers or delivered malicious binaries and the attack attempts themselves delivered standalone malicious files not hidden in legitimate software.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information