SUPERNOVA backdoor that emerged after SolarWinds hack is likely linked to Chinese actors

Supernova malware clues link Chinese threat group Spiral to SolarWinds server hacks Supernova malware spotted on compromised SolarWinds Orion installs exposed on the Internets is likely linked to a China-linked espionage group. Researchers at Secureworks’ counter threat unit (CTU) were investigating the exploit of SolarWinds servers to deploy the Supernova web shell when collected evidence that linked the malicious activity to a China-linked cyber espionage group tracked as Spiral.

Read full article on Security Affairs