{"id":56463,"date":"2024-08-05T23:43:06","date_gmt":"2024-08-05T23:43:06","guid":{"rendered":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/"},"modified":"2024-08-05T23:43:06","modified_gmt":"2024-08-05T23:43:06","slug":"mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp","status":"publish","type":"post","link":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/","title":{"rendered":"Mac and Windows users infected by software updates delivered over hacked ISP"},"content":{"rendered":"<div>\n<div id=\"rss-wrap\">\n<figure class=\"intro-image intro-left\">\n  <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/07\/cyber-attack-800x600.jpg\" alt=\"The words \" cyber attack are mixed in with a computer screen full of binar \/><\/p>\n<p class=\"caption\" style=\"font-size:0.8em\"><a href=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2020\/07\/cyber-attack.jpg\" class=\"enlarge-link\" data-height=\"768\" data-width=\"1024\">Enlarge<\/a> (credit: <a rel=\"nofollow\" class=\"caption-link\" href=\"https:\/\/www.flickr.com\/photos\/30478819@N08\/45944781585\">Marco Verch Professional Photographer and Speaker<\/a>)<\/p>\n<\/figure>\n<div><a name=\"page-1\"><\/a><\/div>\n<p>Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said.<\/p>\n<p>The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system responses for legitimate hostnames providing updates for at least six different apps written for Windows or macOS. The apps affected were the 5KPlayer, Quick Heal, Rainmeter, Partition Wizard, and those from Corel and Sogou.<\/p>\n<h2>These aren\u2019t the update servers you\u2019re looking for<\/h2>\n<p>Because the update mechanisms didn\u2019t use <a href=\"https:\/\/en.wikipedia.org\/wiki\/Transport_Layer_Security\">TLS<\/a> or cryptographic signatures to authenticate the connections or downloaded software, the threat actors were able to use their control of the ISP infrastructure to successfully perform <a href=\"https:\/\/en.wikipedia.org\/wiki\/Man-in-the-middle_attack\">machine-in-the-middle<\/a> (MitM) attacks that directed targeted users to hostile servers rather than the ones operated by the affected software makers. These redirections worked even when users employed non-encrypted public DNS services such as Google\u2019s 8.8.8.8 or Cloudflare\u2019s 1.1.1.1 rather than the authoritative DNS server provided by the ISP.<\/p>\n<\/div>\n<p><a href=\"https:\/\/arstechnica.com\/?p=2041175#p3\">Read 12 remaining paragraphs<\/a> | <a href=\"https:\/\/arstechnica.com\/?p=2041175&amp;comments=1\">Comments<\/a><\/p>\n<\/div>\n<p class=\"wpematico_credit\"><small>Powered by <a href=\"http:\/\/www.wpematico.com\" target=\"_blank\" rel=\"noopener\">WPeMatico<\/a><\/small><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Enlarge (credit: Marco Verch Professional Photographer and Speaker) Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said. The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system&#8230;<\/p>\n","protected":false},"author":1,"featured_media":56464,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","tve_updated_post":"","tve_custom_css":"","tve_user_custom_css":"","tve_globals":{},"tcb2_ready":0,"tcb_editor_enabled":0,"tve_landing_page":"","_tve_header":"","_tve_footer":""},"categories":[241],"tags":[],"class_list":["post-56463","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technology"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Mac and Windows users infected by software updates delivered over hacked ISP - UshopWell.com<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Mac and Windows users infected by software updates delivered over hacked ISP - UshopWell.com\" \/>\n<meta property=\"og:description\" content=\"Enlarge (credit: Marco Verch Professional Photographer and Speaker) Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said. The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/\" \/>\n<meta property=\"og:site_name\" content=\"UshopWell.com\" \/>\n<meta property=\"article:published_time\" content=\"2024-08-05T23:43:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/08\/cyber-attack-800x600-1.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"600\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"UShopWell\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"UShopWell\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/\"},\"author\":{\"name\":\"UShopWell\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/person\\\/6fd1f9e0ff932e534c86c70d5acff0fc\"},\"headline\":\"Mac and Windows users infected by software updates delivered over hacked ISP\",\"datePublished\":\"2024-08-05T23:43:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/\"},\"wordCount\":215,\"publisher\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/cyber-attack-800x600-1.jpg\",\"articleSection\":[\"Technology\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/\",\"name\":\"Mac and Windows users infected by software updates delivered over hacked ISP - UshopWell.com\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/cyber-attack-800x600-1.jpg\",\"datePublished\":\"2024-08-05T23:43:06+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#primaryimage\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/cyber-attack-800x600-1.jpg\",\"contentUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/cyber-attack-800x600-1.jpg\",\"width\":800,\"height\":600},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Mac and Windows users infected by software updates delivered over hacked ISP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#website\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\",\"name\":\"UshopWell.com\",\"description\":\"The Premiere Online Marketplace\",\"publisher\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#organization\",\"name\":\"UshopWell\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/pandaSwea.png\",\"contentUrl\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/wp-content\\\/uploads\\\/2018\\\/01\\\/pandaSwea.png\",\"width\":365,\"height\":359,\"caption\":\"UshopWell\"},\"image\":{\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/#\\\/schema\\\/person\\\/6fd1f9e0ff932e534c86c70d5acff0fc\",\"name\":\"UShopWell\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g\",\"caption\":\"UShopWell\"},\"url\":\"https:\\\/\\\/ushopwell.com\\\/ublog\\\/author\\\/kburnettu\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Mac and Windows users infected by software updates delivered over hacked ISP - UshopWell.com","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/","og_locale":"en_US","og_type":"article","og_title":"Mac and Windows users infected by software updates delivered over hacked ISP - UshopWell.com","og_description":"Enlarge (credit: Marco Verch Professional Photographer and Speaker) Hackers delivered malware to Windows and Mac users by compromising their Internet service provider and then tampering with software updates delivered over unsecure connections, researchers said. The attack, researchers from security firm Volexity said, worked by hacking routers or similar types of device infrastructure of an unnamed ISP. The attackers then used their control of the devices to poison domain name system...","og_url":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/","og_site_name":"UshopWell.com","article_published_time":"2024-08-05T23:43:06+00:00","og_image":[{"width":800,"height":600,"url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/08\/cyber-attack-800x600-1.jpg","type":"image\/jpeg"}],"author":"UShopWell","twitter_card":"summary_large_image","twitter_misc":{"Written by":"UShopWell","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#article","isPartOf":{"@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/"},"author":{"name":"UShopWell","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/person\/6fd1f9e0ff932e534c86c70d5acff0fc"},"headline":"Mac and Windows users infected by software updates delivered over hacked ISP","datePublished":"2024-08-05T23:43:06+00:00","mainEntityOfPage":{"@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/"},"wordCount":215,"publisher":{"@id":"https:\/\/ushopwell.com\/ublog\/#organization"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#primaryimage"},"thumbnailUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/08\/cyber-attack-800x600-1.jpg","articleSection":["Technology"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/","url":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/","name":"Mac and Windows users infected by software updates delivered over hacked ISP - UshopWell.com","isPartOf":{"@id":"https:\/\/ushopwell.com\/ublog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#primaryimage"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#primaryimage"},"thumbnailUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/08\/cyber-attack-800x600-1.jpg","datePublished":"2024-08-05T23:43:06+00:00","breadcrumb":{"@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#primaryimage","url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/08\/cyber-attack-800x600-1.jpg","contentUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2024\/08\/cyber-attack-800x600-1.jpg","width":800,"height":600},{"@type":"BreadcrumbList","@id":"https:\/\/ushopwell.com\/ublog\/mac-and-windows-users-infected-by-software-updates-delivered-over-hacked-isp\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/ushopwell.com\/ublog\/"},{"@type":"ListItem","position":2,"name":"Mac and Windows users infected by software updates delivered over hacked ISP"}]},{"@type":"WebSite","@id":"https:\/\/ushopwell.com\/ublog\/#website","url":"https:\/\/ushopwell.com\/ublog\/","name":"UshopWell.com","description":"The Premiere Online Marketplace","publisher":{"@id":"https:\/\/ushopwell.com\/ublog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/ushopwell.com\/ublog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/ushopwell.com\/ublog\/#organization","name":"UshopWell","url":"https:\/\/ushopwell.com\/ublog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/logo\/image\/","url":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2018\/01\/pandaSwea.png","contentUrl":"https:\/\/ushopwell.com\/ublog\/wp-content\/uploads\/2018\/01\/pandaSwea.png","width":365,"height":359,"caption":"UshopWell"},"image":{"@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/ushopwell.com\/ublog\/#\/schema\/person\/6fd1f9e0ff932e534c86c70d5acff0fc","name":"UShopWell","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4adb372cadd43b4d4c57964dab95b0f69618bf960d131c4acf49d96d6bbc9c6e?s=96&d=mm&r=g","caption":"UShopWell"},"url":"https:\/\/ushopwell.com\/ublog\/author\/kburnettu\/"}]}},"_links":{"self":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts\/56463","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/comments?post=56463"}],"version-history":[{"count":0,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/posts\/56463\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/media\/56464"}],"wp:attachment":[{"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/media?parent=56463"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/categories?post=56463"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ushopwell.com\/ublog\/wp-json\/wp\/v2\/tags?post=56463"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}