From ehackingnews.com
The ongoing multi-vendor investigations into the SolarWinds mega-hack took a new turn this week when additional malware artifacts were discovered that could be leveraged in future supply chain operations.
The current wave of attacks linked to the APT29/Nobelium threat actor includes a custom downloader that is part of a “poisoned update installer” for electronic keys used by the Ukrainian government, according to a recent study from anti-malware firm SentinelOne.