Kaspersky Lab says it found a data-stealing backdoor called ShadowPad planted in five software packages from server management vendor NetSarang. The group behind the backdoor is unknown and left few traces, but the techniques used are similar to PlugX, a remote access Trojan, and Winnti. ShadowPad is designed to infect and then wait for instructions, its developers did launch it against a Hong-Kong-based company. The company was not identified and did not address how it had been breached.”]
Source: https://www.cuinfosecurity.com/supply-chain-woes-again-netsarang-popped-a-10200