From ehackingnews.com
The ongoing multi-vendor investigations into the SolarWinds mega-hack took a new turn this week when additional malware artifacts were discovered that could be leveraged in future supply chain operations.
The current session of attacks linked to the APT29/Nobelium threat actor contains a custom downloader that is part of a “poisoned update installer” for electronic keys used by the Ukrainian government, according to a recent study from anti-malware firm SentinelOne.