Skip to main content

Kingslayer – A Supply Chain Attack

RSA Research investigated the source of suspicious, observed beaconing thought to be associated with targeted malware. In the course of this tactical hunt for unidentified code, RSA discovered a sophisticated attack on a software supply-chain involving a Trojan inserted in otherwise legitimate software; software that is typically used by enterprise system administrators.  We are sharing details of this attack investigation, along with mitigation and detection strategies, to promote awareness and preparation for future or ongoing software supply-chain attacks.