- AhnLab Security Intelligence Center (ASEC) recently confirmed that unidentified attackers have been exploiting domestic ERP solutions to carry out attacks.
- The attackers are believed to have attacked the update server of a specific domestic ERP solution in order to gain control over the systems within the company after infiltrating the system.
- In another attack case, the attackers distributed malware by attacking vulnerable web servers.
- The targets of these attacks include domestic defense companies and manufacturing industries.
- Among the identified malware, there are instances where malicious routines were inserted into the update program of existing ERP solutions, similar to the case where the Andariel group used the HotCroissan backdoor in 2017.
https://asec.ahnlab.com/ko/67034/