Malicious Update


A malicious update is an update that appears legitimate but contains harmful code.

  • Mitigate by:
    • secure software supply chain management
    • digital signature verification
    • other software security practices

Example

In 2017, the legitimate software CCleaner was compromised when an unauthorized update was released containing a malicious payload.

  • This affected millions of users who downloaded the update, believing it was a standard upgrade to improve their system’s performance.

Example

2020 SolarWinds attack

  • Attackers used an update to the SolarWinds Orion platform to distribute a malicious backdoor to numerous government and corporate networks, leading to significant data breaches.