A Windows-based server management software product used by hundreds of organizations worldwide was found rigged with a malicious backdoor tucked inside its source code. The ShadowPad backdoor was discovered on Aug. 4 by Kaspersky Lab during an incident response investigation for a financial institution partner. The software is used by organizations in finance, education, telecommunications, manufacturing, energy, and transportation, to manage their Windows, Unix, and Linux servers. The attack has the earmarks of Chinese-speaking cyber espionage attack groups such as PlugX and WinNTi, but they can’t confirm that these are the attackers behind ShadowPad.”]