Slashdot Mirror


Software Vendor Who Hid 'Supply Chain' Breach Outed (krebsonsecurity.com)

tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers -- essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site -- not linking to it anywhere. Brian Krebs went and dug it up. Spoiler: the product/vendor in question is EVlog by Altair Technologies Ltd.

52 comments

  1. Product and Vendor by Kunedog · · Score: 5, Informative

    EVlog by Altair Technologies Ltd.

    1. Re:Product and Vendor by GrumpySteen · · Score: 2

      "Incredibly, the summary did not name the affected software"

    2. Re:Product and Vendor by Anonymous Coward · · Score: 1

      Oh noes, you foiled Slashdot's evil plan to have us read through their ad-ticles without telling us which fucking Vendor and every unholy future spawn of it we should avoid!!

    3. Re:Product and Vendor by Anonymous Coward · · Score: 0

      "Incredibly, the summary did not name the affected software"

      but it did provide a link where you could find out that information ;) #clickThroughRate

    4. Re:Product and Vendor by Big+Hairy+Ian · · Score: 1

      Throw the book at them. By burying this they are as guilty as the hackers who breached them.

      --

      Build a Man a Fire, and He'll Be Warm for a Day. Set a Man on Fire, and He'll Be Warm for the Rest of His Life.

  2. Properly posted in the disused lavatory by Anonymous Coward · · Score: 1

    Got the HHGTTG reference out of the way.

    1. Re:Properly posted in the disused lavatory by Anonymous Coward · · Score: 0

      The stairs had probably gone.

    2. Re:Properly posted in the disused lavatory by TWX · · Score: 1

      Didn't we agree back in the eighties to refer to Douglas Adams' most well-known work as H2G2 or H^2G^2 where superscript is supported?

      --
      Do not look into laser with remaining eye.

  3. Required Douglas Adams quote by Anonymous Coward · · Score: 3, Funny

    “But the plans were on display”
    “On display? I eventually had to go down to the cellar to find them.”
    “That’s the display department.”
    “With a flashlight.”
    “Ah, well, the lights had probably gone.”
    “So had the stairs.”
    “But look, you found the notice, didn’t you?”
    “Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard’.”

    1. Re:Required Douglas Adams quote by __aaclcg7560 · · Score: 2

      "Yes," said Arthur, "yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard’."

      That would explain why managers at my government IT job hide surplus computer equipment in the women restrooms.

    2. Re:Required Douglas Adams quote by Anonymous Coward · · Score: 0

      And yet the lengthy joke fails to mention how he opened a locked filing cabinet.

    3. Re:Required Douglas Adams quote by Anonymous Coward · · Score: 0

      There should be plenty of space for surplus computer equipment in that storeroom which you personally cleared and which nobody had seen the floor of for years and which you're always telling us about.

    4. Re:Required Douglas Adams quote by __aaclcg7560 · · Score: 1

      There should be plenty of space for surplus computer equipment in that storeroom which you personally cleared and which nobody had seen the floor of for years and which you're always telling us about.

      That was when I did a PC refresh project for a local hospital in 2013.

    5. Re:Required Douglas Adams quote by __aaclcg7560 · · Score: 1

      That was when I did a PC refresh project for a local hospital in 2013.

      My bad. Local hospital was in 2012. I was at Cisco in 2013. I've been at my current government IT job since 2014.

    6. Re:Required Douglas Adams quote by Anonymous Coward · · Score: 0

      You seem confused so HR will now conduct an audit of your employment history with all your references.

    7. Re:Required Douglas Adams quote by Anonymous Coward · · Score: 2, Funny

      And yet the lengthy joke fails to mention how he opened a locked filing cabinet.

      The leopard had the key.

    8. Re:Required Douglas Adams quote by ravenshrike · · Score: 1

      Crowbar of course. Sorry, jimmy bar as this is England.

    9. Re:Required Douglas Adams quote by __aaclcg7560 · · Score: 1

      You seem confused so HR will now conduct an audit of your employment history with all your references.

      Check with the Chinese. They have my background investigative case file for my security clearance.

    10. Re:Required Douglas Adams quote by Anonymous Coward · · Score: 0

      That would explain why managers at my government IT job hide surplus computer equipment in the women restrooms.

      You obviously work for Republican men. They'd never go into the women's room, but they know every inch of the men's room intimately, especially the view from knee-level.

      BECAUSE REPUBLICAN MEN SURE SUCK A LOT OF DICK IN PUBLIC RESTROOMS. Can't understand why anyone votes for those perverts.

    11. Re:Required Douglas Adams quote by __aaclcg7560 · · Score: 2

      You obviously work for Republican men.

      Uh, no. Except for 4,000 positions appointed by POTUS, government workers are mostly apolitical. We don't talk about politics. We do talk about Saturday Night Live. ;)

    12. Re: Required Douglas Adams quote by dfeifer · · Score: 1

      Hmm, much like a phone system messaging router we have that is 20 feet up under a drop ceiling that had yet another drop ceiling under that which was 10 feet off the ground.

    13. Re:Required Douglas Adams quote by dbIII · · Score: 5, Funny

      That would explain why managers at my government IT job hide surplus computer equipment in the women restrooms

      That makes perfect sense.
      It's an I pee address.

    14. Re:Required Douglas Adams quote by Anonymous Coward · · Score: 1

      Well spotted.

  4. Vendor Who Hid 'Supply Chain' Breach Outed by Anonymous Coward · · Score: 0

    Software Vendor Who Hid 'Supply Chain' Breach Outed

    Shocking! Never in a million years would I have guessed he was gay.

    1. Re:Vendor Who Hid 'Supply Chain' Breach Outed by Anonymous Coward · · Score: 0

      Nah, gay is the new normal, and the scandal is he's been outed as straight.

  5. Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 5, Interesting

    He's part simple-terms reporter for laypeople, part techie, part detective, part regular guy on the internet. Cheers to Brian for another successful dig!

    I'm really glad he didn't just fold up and go away after the DDOS campaign against him.

    1. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      Good self knowledge.

    2. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      Your reply is typical of a loser who can't achieve anything noticeable himself. It's your fault you don't do anything worth noticing.

    3. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      Brian Krebs is APK?

    4. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      That explains everything.

    5. Re:Brian Krebs is awesome, I'm a big fan. by cbiltcliffe · · Score: 1

      No, APK doesn't do a hosts file program. APK did a hosts file program. There's a difference. And, while I haven't polled everybody here, I haven't yet had a conversation with anybody who likes and uses APK's program. I, for one, have never even tried it, due to the sheer amount of obnoxious, irrelevant spewage that shows up every time someone posts that APK is a <fill in insult of choice, here>.

      Now, the fact that you're an AC, and supporting APK, leads me to strongly believe that you are in fact APK, posting as an astroturf supporter of yourself.

      Go away.

      --
      "City hall" in German is "Rathaus". Kinda explains a few things......

    6. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      Nothing's LOUDER than your CRY of a "ne'er-do-well" who hates others being successful and you aren't and will never be.

    7. Re: Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 1

      I wonder when Malware Bytes sues APK to prevent false claims they endorse APK, rather than an employee working on his personal time.

    8. Re: Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      If he's an employee of MalwareBytes, they should stop him bringing their name into disrepute.

    9. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      Could you say "fuck" just one more time?

    10. Re:Brian Krebs is awesome, I'm a big fan. by Anonymous Coward · · Score: 0

      CBiltcliffe: Answer my question. How'd eating your words taste as apk made you eat them here https://hardware.slashdot.org/comments.pl?sid=10280229&cid=53913023/ and here too https://hardware.slashdot.org/comments.pl?sid=10280229&cid=53913235/ ? Sockpuppet down mod hiding last time I posted it was weak wimp.

  6. no such thing as "software vendor" by Anonymous Coward · · Score: 0

    It is impossible to buy or sell software. All software is free software. All free software is open source. All open source is on github.

  7. Does anyone trust RSA anymore? by Anonymous Coward · · Score: 0

    Headline from 2013: NSA paid $10 million to put its backdoor in RSA encryption, according to Reuters report

    Linky: http://www.theverge.com/2013/12/20/5231006/nsa-paid-10-million-for-a-back-door-into-rsa-encryption-according-to

  8. Another reason to dump proprietary software by Anonymous Coward · · Score: 0

    Security through obscurity? I'll stick with Free (Liberated) / Open Source software.

    1. Re: Another reason to dump proprietary software by Anonymous Coward · · Score: 0

      Well open sores was what the customers of this closed source vendor got by the looks of it.

    2. Re:Another reason to dump proprietary software by Anonymous Coward · · Score: 0

      Oh you mean like SSL? The open source software installed by millions of Linux neck beards who didn't read a single line of code. The feds probably exploited that bug for years.

    3. Re:Another reason to dump proprietary software by Anonymous Coward · · Score: 0

      You'd be surprised. It's developed by the OpenBSD people - who are a special bunch, so paranoid and zealous about security it would be very, very hard to sneak anything past them.

      I'd rather expect holes in the end-user applications that use SSL. Once the data is decoded to plaintext for user consumption, it's up for taking by anything that sits between SSL and the user's eyes.

    4. Re:Another reason to dump proprietary software by Anonymous Coward · · Score: 0

      Sure! Use Open SORES and get yourself an EFast Google Chrome malicious doppelganger https://www.google.com/search?...

    5. Re: Another reason to dump proprietary software by Anonymous Coward · · Score: 0

      You must be thinking of OpenSSH, which is pretty damned solid. The OpenBSD crew got involved in the whole SSL/Heartbleed issue only after the vulnerability had been found, and they forked it and went over every line of code looking for any more issues. Yes, they are a special breed... I only wish we could clone them and make more.

  9. Pussy there's no bigger ill repute than you by Anonymous Coward · · Score: 0

    See my subject: You little fucking WORM that is ashamed to put his REAL name behind his words (you have nothing to show for yourself).

    * The day a NO-talent probably heroin-junkie little FAILURE WORM like YOU & "your kind" can do BETTER than I have in the arena of computing? Is the day a little FUCK WEASEL like you can even BEGIN to speak!

    APK

    P.S.=> You're already a dead-man - I'd say you should commit suicide as you ARE a waste of life, food, water & oxygen (as are most of your JUNKIE millennial kind) but you already DIE a 1,000 deaths of TRUE fucking cowards (seeing as you are ashamed of your own name - I would be too were I like you, a "ne'er-do-well" do-nothing waste/zero)... apk