Vietnam targeted in complex supply chain attack

 Via Mad Italian

Hackers have inserted malware inside an app offered for download by the Vietnam Government Certification Authority (VGCA).

A group of mysterious hackers has carried out a clever supply chain attack against Vietnamese private companies and government agencies by inserting malware inside an official government software toolkit.

Today's security threats have expanded in scope and seriousness. There can now be millions -- or even billions -- of dollars at risk when information security isn't handled properly.

The attack, discovered by security firm ESET and detailed in a report named "Operation SignSight," targeted the Vietnam Government Certification Authority (VGCA), the government organization that issues digital certificates that can be used to electronically sign official documents. 

More @ ZNET