Software Vendor Who Hid 'Supply Chain' Breach Outed

tsu doh nimh writes: Researchers at RSA released a startling report last week that detailed a so-called "supply chain" malware campaign that piggybacked on a popular piece of software used by system administrators at some of the nation's largest companies. This intrusion would probably not be that notable if the software vendor didn't have a long list of Fortune 500 customers, and if the attackers hadn't also compromised the company's update servers -- essentially guaranteeing that customers who downloaded the software prior to the breach were infected as well. Incredibly, the report did not name the affected software, and the vendor in question has apparently chosen to bury its breach disclosure as a page inside of its site -- not linking to it anywhere. Brian Krebs went and dug it up. Spoiler: the product/vendor in question is EVlog by Altair Technologies Ltd.

Product and Vendor

[Kunedog]

EVlog by Altair Technologies Ltd.

Required Douglas Adams quote

“But the plans were on display”
“On display? I eventually had to go down to the cellar to find them.”
“That’s the display department.”
“With a flashlight.”
“Ah, well, the lights had probably gone.”
“So had the stairs.”
“But look, you found the notice, didn’t you?”
“Yes,” said Arthur, “yes I did. It was on display in the bottom of a locked filing cabinet stuck in a disused lavatory with a sign on the door saying ‘Beware of the Leopard.”

Re:Required Douglas Adams quote

[dbIII]

That would explain why managers at my government IT job hide surplus computer equipment in the women restrooms

That makes perfect sense.
It's an I pee address.

Brian Krebs is awesome, I'm a big fan.

He's part simple-terms reporter for laypeople, part techie, part detective, part regular guy on the internet. Cheers to Brian for another successful dig!

I'm really glad he didn't just fold up and go away after the DDOS campaign against him.