Able Desktop
Able Desktop installer distributed malware
Attackers compromised Able Desktop's website and used the Korean software company's own download path to distribute a trojanized installer. The malicious build carried a remote access backdoor, turning a routine desktop installation into a foothold delivered from a familiar vendor domain.
- Date
- 2020-11-01 to 2020-12-31
- Category
- Commercial
- Target Surface
- Distribution
- Insertion Phase
- distribution
- Impact
- Remote access
- Cause
- Website compromise
What Was Affected
Package
Able Desktop
LanguageC++
ComponentApplication
Artifact typebinary archive
Domain typeproject download host
Domain
able.co.kr
Compromised Versions
- Able Desktop 3.5.2
Incident Context
- Motive
- Espionage
- Attribution
- Nation-state
- Transitive
- No
- User Impact
- 30000
- Observed Duration
- 60 days
Evidence
Compromised Artifacts
External References
Source Data
Source record: proprietary/able/meta.yaml