
SUPERNOVA Backdoor

Posted: December 23, 2020

The supply-chain attack executed through SolarWinds' Orion software has been a major topic in the cybersecurity world for the past couple of days. Today, researchers revealed a new finding that points to a secondary malware family embedded in SolarWinds' Orion update packages. Following the initial discovery of the SUNBURST Malware, experts have identified a secondary payload called the SUPERNOVA Backdoor. This Backdoor Trojan gives its operators the ability to run arbitrary commands and code on machines that have the bogus SolarWinds Orion package installed.

What is even more worrying is that it appears that two separate groups of cybercriminals might be behind these payloads. The SUPERNOVA Backdoor is also able to run in fileless mode, so it does not leave any leftover files on the victim's disk.

According to experts, the SUPERNOVA Backdoor is likely to be the product of an experienced and resourceful group of criminals. While backdoors boasting such features are not uncommon, the way the SUPERNOVA Backdoor is executed is a certain sign that an organized group of criminals is behind it. Supply-chain attacks have always been exceptionally threatening, and the SUPERNOVA Backdoor campaign is no different. This campaign should serve as a good reminder that following the best safe Web browsing practices may not be enough to keep you away from malware: investing in reputable anti-virus software will always be the best way to keep your network safe from intruders.
