Cybercriminals are increasingly using supply chain attacks to distribute malicious software to devices. In this type of attack, attackers gain access to a company's account on a, such as GitHub, which is used to store source code and software files. The attackers then upload a malicious software package that looks like a legitimate software update.
When end-users download the update, they unknowingly download the attacker's malicious software along with it. The attack can also occur when the software updates automatically from the code-hosting platform, without the end-user's knowledge.
View this report to dive deeper into the following:
- Real-world, case study examples of Malware Supply Chain Attacks;
- Emerging threat vectors for phishing attacks;
- How attackers exploit software downloads to spread malware.