Recent reports describe cyberattacks by a Chinese hacking group called Evasive Panda that specifically target individuals affiliated with non-governmental organizations (NGOs). The group delivers malware disguised as updates for QQ, a popular local instant messaging application. Researchers say the attackers use this method because users habitually click on software update prompts, which makes it easier to gain access to the victims’ systems.
However, researchers also state that, for now, they can only speculate about this incident based on limited evidence. Their preliminary view is that it may be a supply chain attack, but they do not rule out a Man-in-the-Middle (MitM) attack. In a supply chain attack, hackers infiltrate a software vendor’s systems and inject malicious code into the software, which then runs on the victims’ systems and causes damage. In a MitM attack, hackers impersonate a legitimate intermediary in a communication process in order to steal or manipulate information.
The incident has raised concerns about hacking groups and serves as a reminder for everyone to pay attention to software update prompts on their computers and mobile devices to avoid becoming targets of hackers.