In a sophisticated cyberespionage operation, the Chinese hacking group PlushDemon has compromised the website of South Korean VPN provider IPany, distributing malware to unsuspecting users. ESET, a ...

Chinese-linked hackers (via ESET Research) have reportedly compromised South Korean VPN provider IPany in a calculated supply chain attack that exposed numerous users to malware. The attackers ...

China-aligned attackers known for cyber espionage have launched a supply-chain attack targeting IPany VPN. A previously undisclosed advanced persistent threat (APT) group, codenamed PlushDaemon by ...

In May 2024, ESET’s antivirus software flagged malware infections on Windows computers that were traced to the website of South Korean VPN company IPany. "Upon further analysis, we discovered ...

The hackers managed to infiltrate IPany's development platform and insert its custom 'SlowStepper' backdoor on its installer ('IPanyVPNsetup.exe'), which infected customer systems when the VPN was ...

Although the code contains hundreds of functions, the particular variant used in the supply-chain compromise of the IPany VPN software appears to be version 0.2.10 Lite, according to the backdoor ...

The IPany compromise was mitigated after ESET informed the developer, who promptly removed the malicious installer from their site. However, the incident serves as a reminder of the risks posed by ...

A China-linked cyberespionage group has reportedly exploited a legitimate VPN service to spread malware and spy on victims' activities. The ESET security research team found the malicious code ...