Kingslayer
Attackers could breach the download server of an application (used by system administrators to analyze Windows logs) and replaced the legitimate application and updates with a signed malicious version.
Impact
Organizations who used Alpha’s free license edition software (the compromised version) include:
- 4 major telecommunication providers
- 10+ western millitary organizations
- 24+ Fortune 500 companies
- 5 major defense contractors
- 36+ Major IT product manufacturers or solutions providers
- 24+ western government organizations
- 24+ banks and financial institutions
- 45+ higher educational institutions
Type of compromise
The attacker had access to the publishing infrastructure (i.e., the download server) and to the signing key of the packager.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.