A novel supply chain attack in South Korea abuses legitimate security software and stolen digital certificates to distribute remote administration tools (RATs) on target systems. ESET researchers said the state-sponsored threat actor leveraged the mandatory requirement that internet users in the country must install additional security software in order to avail Internet banking and essential government services. The attack exploits WIZVERA VeraPort, billed as a “program” designed to integrate and manage internet banking-related installation programs, such as digital certificates issued by the banks to secure all transactions.
Source: https://thehackernews.com/2020/11/trojanized-security-software-hits-south.html