Comm100 Chat Provider Hijacked to Spread Malware in Supply Chain Attack

A threat actor likely with associations to China has been attributed to a new supply chain attack that involves the use of a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor.
Cybersecurity firm CrowdStrike said the attack made use of a signed Comm100 desktop agent app for Windows that was downloadable from the company’s website.
The scale of the

This article has been indexed from The Hacker News

Read the original article:

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!