A supply chain attack is believed to have been responsible for inserting a backdoor into widely used server management software. Kaspersky Labs Global Research and Analysis Team explains what the malicious component, dubbed Backdoor.Win32a or ShadowPad for short, can do: download and execute arbitrary code provided from the C&C server. The attackers behind this malware have already registered the domains covering July to December 2017, which indirectly confirms alleged start date of the attack as around mid July 2017.”]