Skip to content

Latest commit

 

History

History
24 lines (18 loc) · 786 Bytes

File metadata and controls

24 lines (18 loc) · 786 Bytes

Kingslayer

Attackers could breach the download server of an application (used by system administrators to analyze Windows logs) and replaced the legitimate application and updates with a signed malicious version.

Impact

Organizations who used Alpha's free license edition software (the compromised version) include:

  • 4 major telecommunication providers
  • 10+ western millitary organizations
  • 24+ Fortune 500 companies
  • 5 major defense contractors
  • 36+ Major IT product manufacturers or solutions providers
  • 24+ western government organizations
  • 24+ banks and financial institutions
  • 45+ higher educational institutions

Type of compromise

The attacker had access to the publishing infrastructure (i.e., the download server) and to the signing key of the packager.