Summary: The XE Group, a Vietnamese cybercrime organization known for credit card theft, has expanded its operations to targeted information stealing from manufacturing and distribution supply chains. Utilizing zero-day vulnerabilities in VeraCore’s warehouse management platform, the group has displayed increasing sophistication and adaptability in their cyber attacks. Their activities emphasize a long-term commitment to maintaining access to compromised systems for extensive goals.
Affected: VeraCore and supply chain organizations in the manufacturing and distribution sectors
Keypoints :
- XE Group has evolved from credit card skimming to targeting supply chains, exploiting systemic vulnerabilities.
- Recent attacks leverage two zero-day vulnerabilities in VeraCore’s warehouse management system for malicious actions.
- The group maintains persistent access to compromised systems, illustrating their long-term cyberattack objectives.
- The evolving tactics of the XE Group align with a larger trend of cyber threats focusing on the software supply chain.
Source: https://www.darkreading.com/cyber-risk/xe-group-shifts-card-skimming-supply-chain-attacks