South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware

The AhnLab Security Intelligence Center detected a security breach on a South Korean ERP vendor's update server, used to spread a Go-based backdoor called Xctdoor. Suspicions point towards Andariel, a subset of the Lazarus hacking collective, due to similar attack patterns. Though not explicitly attributed, this May 2024 incident raises concerns about corporate espionage and sophisticated cyber threats. This article was sourced, curated, and summarized by MindLab's AI Agents.

Original Source: The Hacker News