Chinese APT hides Backdoor within Software Updates – Security Alert!

The Chinese APT Group: How to prevent the backdoor security risks

A newly discovered Chinese APT group, dubbed “Blackwood,” has been secretly injecting a backdoor into software updates for legitimate programs. 

Specific victims of the group that ESET has named “Blackwood” include a large Chinese manufacturing and trading company, the Chinese office of a Japanese engineering and manufacturing company, individuals in China and Japan, and a Chinese-speaking person connected with a high-profile research university in the UK.

Key points:

  • No Phishing: Blackwood doesn’t rely on traditional phishing tactics like infected websites or emails.
  • Hidden in Updates: The backdoor sneaks into the updates of genuine software downloaded from trustworthy servers via unencrypted HTTP connections.
  • Targeting Unknown: Currently, it’s unclear which programs or servers are affected, or who the specific targets are.
  • Exploiting Network Implants: Experts speculate Blackwood might be using existing network implants in targeted networks to inject the backdoor.
  • Active for Years: This attack has been ongoing since at least 2018, highlighting the need for better network and software security.
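
Because the affected programs are not known, a practical first step for defenders is to inventory which software on the network still fetches update binaries over plain HTTP. The sketch below is an added example, not code from ESET or the original article; the six-field proxy log format, the hostnames and the log lines are constructed assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed sample log, assumed format:
# timestamp client method url status content-type
SAMPLE_LOG = """\
2024-01-25T09:14:02Z 10.0.4.17 GET http://update.example-ime.test/v5/setup_5.2.exe 200 application/octet-stream
2024-01-25T09:14:40Z 10.0.4.17 GET https://cdn.example-office.test/patch/kb1.msi 200 application/octet-stream
2024-01-25T09:15:11Z 10.0.4.22 GET http://update.example-ime.test/v5/version.xml 200 text/xml
2024-01-25T09:16:03Z 10.0.4.31 GET http://news.example.test/index.html 200 text/html
2024-01-25T09:17:45Z 10.0.4.22 GET http://dl.example-chat.test/upd/core.bin 200 application/x-msdownload
malformed line
"""

# File extensions and content types that commonly carry installers or updates.
BINARY_EXT = (".exe", ".msi", ".dll", ".cab", ".zip", ".pkg", ".dmg")
BINARY_TYPES = {"application/octet-stream", "application/x-msdownload",
                "application/x-msi"}


def plaintext_update_fetches(log_text):
    """Return {host: {"clients", "urls"}} for binaries fetched over plain HTTP."""
    findings = defaultdict(lambda: {"clients": set(), "urls": set()})
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip malformed or truncated records
        _ts, client, method, url, status, ctype = fields
        parts = urlsplit(url)
        # Only successful plaintext downloads can be tampered with in transit.
        if parts.scheme.lower() != "http" or method != "GET" or status != "200":
            continue
        is_binary = (parts.path.lower().endswith(BINARY_EXT)
                     or ctype.split(";")[0].lower() in BINARY_TYPES)
        if is_binary:
            findings[parts.hostname]["clients"].add(client)
            findings[parts.hostname]["urls"].add(url)
    return dict(findings)


if __name__ == "__main__":
    for host, info in sorted(plaintext_update_fetches(SAMPLE_LOG).items()):
        print(host, sorted(info["clients"]), sorted(info["urls"]))
```

Each host it reports is an update channel that an on-path device could alter, so those products are the ones to move to HTTPS or signature-verified updates first.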

What Is a Backdoor & How to Prevent Backdoor Attacks (2024)

A backdoor is any method that allows somebody — hackers, governments, IT people, etc. — to remotely access your device without your permission or knowledge.

Hackers can install a backdoor onto your device by using malware, by exploiting your software vulnerabilities, or even by directly installing a backdoor in your device’s hardware/firmware.

Once hackers log into your machine without your knowledge, they can use backdoors for a variety of reasons, such as:

  • Surveillance.
  • Data theft.
  • Cryptojacking.
  • Sabotage.
  • Malware attack.

Nobody is immune to backdoor hacking, and hackers are constantly inventing new methods and malware files to gain access to user devices.

If you think you’ve been the victim of a backdoor attack, there’s a lot you can do to close the backdoors on your system, assess the damage that’s been done, and prevent another backdoor hack in the future.

Best Ways to Prevent Backdoor Attacks

Backdoors are difficult to detect. Everyday users can’t discover a backdoor just by opening the Task Manager. But there are a few easy steps you can take to keep your device safe from backdoor attacks, such as:

Use an Antivirus

Always use advanced antivirus software that can detect and prevent a wide range of malware, including trojans, cryptojackers, spyware, and rootkits. An antivirus will detect backdoor viruses and eliminate them before they can infect your computer. Good antivirus software like Norton 360 also includes tools like Wi-Fi monitoring, an advanced firewall, web protection, and microphone and webcam privacy monitoring to ensure you’re as safe as possible online.

Download with Care

Backdoors are often bundled with seemingly legitimate free software, files, and applications. When downloading any file from the internet, check to see if you’re only getting the file you wanted, or if there are some nasty hitchhikers coming along for the ride. Even a file that behaves like the file you’re looking for could be a trojan. Make sure to always download from official websites, avoid pirate sites, and install an antivirus with real-time protection that can flag malware files before you even download them onto your system.

Use a Firewall

Firewalls are essential for anti-backdoor protection — they monitor all incoming and outgoing traffic on your device. If someone outside of your approved network is trying to get into your device, the firewall will block them out, and if an app on your device is trying to send data out to an unknown network location, the firewall will block that app, too.

Advanced firewalls can detect unauthorized backdoor traffic even when your device’s malware detection has been fooled. Windows and macOS both have pretty decent built-in firewalls, but they’re not good enough. There are a few antivirus programs with good firewalls (McAfee has excellent network protections) and you can also consider purchasing a smart firewall, which is a physical device that you connect to your router to keep your network as safe as possible.

Use a Password Manager

Password managers generate and store login information for all your accounts and even help you log into them automatically. All of this information is securely encrypted using 256-bit AES encryption and locked behind a master password. Advanced password managers like Dashlane can even enhance your password vault’s security using biometric login or 2FA tools like TOTP generators and USB tokens. Because they generate random, complex passwords, password managers make it a lot harder for hackers to get into your network or spread across your network in the event that you get a backdoor installed on your system.

Stay on Top of Security Updates/Patches

Zero-day attacks are pretty rare, and most hackers just recycle the same exploits and malware because it’s cheap and easy for them to do so. Plus, it works. One in three IT professionals (34%) in Europe admitted that their company had been breached as a result of an unpatched vulnerability.

Developers regularly release updates to fix potential weaknesses in their software, and these patches are quite simple to install. Plus, a lot of programs offer a feature for automatic updates, so all you have to do is turn it on and let it work in the background. If you use macOS or Windows, you can easily enable “Automatic Updates” in your settings — it’s super important to keep your OS up to date as backdoor attacks typically work by manipulating it.

This sophisticated new attack technique, bypassing typical intrusion methods, shows the evolving and increasingly stealthy nature of cyber threats. Organizations and individuals must prioritize updating software with secure connections and stay vigilant against such unseen digital dangers.

