Monju Incident

The attackers subverted the distribution server of GOM Player software and delivered a malicious version of the software to users. Upon connecting to the application website to update the installed software, users were redirected to a different website, controlled by the attackers. As a result, the users received a modified version of the software bundled with a Trojan.

Impact

The attack affected machines at Monju fast breeder reactor facility in Japan. However, it it unclear whether other machines who tried to upate their GOM Player software were infected.

Type of compromise

Attackers could have access to the publishing infrastructure, but did not sign the delivered product.

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.