FBI warns that hackers are targeting software supply chain providers

News
By published

Kwampirs malware resurfaces in attacks against software supply chain companies

(Image credit: Andriano.cz / Shutterstock)

The FBI has warned US private sector companies about an ongoing hacking campaign targeting supply chain software providers in a recent security alert.

According to the FBI, hackers are currently attempting to infect organizations with a remote access trojan (RAT) known as the Kwampirs malware. In a private industry notification sent to businesses last week, the law enforcement agency warned that software supply chain companies are being targeted as a way to reach their partners and customers, saying:

"Software supply chain companies are believed to be targeted in order to gain access to the victim's strategic partners and/or customers, including entities supporting Industrial Control Systems (ICS) for global energy generation, transmission, and distribution."

In addition to being used to attack supply chain software providers, the FBI also said that this same malware has also been deployed to attack companies in the healthcare, energy and financial sectors.

Kwampirs malware

While the security alert sent out by the FBI did not identify any of the supply chain software providers that are currently being targeted, the agency did share IOCs (indicators of compromise) along with YARA rules to help organizations scan their internal networks for any signs of the Kwampirs RAT.

The Kwampirs malware was first detailed by the cybersecurity firm Symantec back in 2018 and at that time, the firm said a group called Orangeworm had used the malware to target supply chain companies that produced software for the healthcare sector.

The FBI's alert warns that attacks which employ Kwampirs have now evolved to target companies in the ICS (Industrial Control Systems) sector. The agency also claims that new evidence from analyzing the malware's code suggests that it contains “numerous similarities” with the data-wiping Shamoon malware which was developed by APT33.

The FBI recommends that organizations scan their networks for any signs of the Kwampirs malware and that they report any infections they find.

Via ZDNet

TOPICS
Anthony Spadafora
Anthony Spadafora

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home. 

Latest in Security
An American flag flying outside the US Capitol building against a blue sky
The FCC is creating a security council to bolster US defenses against cyberattacks
Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
Microsoft warns about a new phishing campaign impersonating Booking.com
Ransomware
Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Computer Hacked, System Error, Virus, Cyber attack, Malware Concept. Danger Symbol
Meta warns of worrying security flaw hitting open source type software
Hand holding smartphone and scan fingerprint biometric identity for unlock her mobile phone
Biometrics add another layer of security to passwordless authentication
Data leak
Hacked Tata Technologies data leaked by ransomware gang
Latest in News
Google Gemini Flash 2.0 Images
I tried Gemini's new AI image generation tool - here are 5 ways to get the best art from Google's Flash 2.0
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung Galaxy S26 Ultra could resurrect an intriguing camera feature
Eurocom Raptor X18
At $15,000, this massive 256GB RAM laptop makes Apple's MacBook Pro look affordable, tiny and very, very slow
Cristin Milioti in Black Mirror season 7
Netflix launches trailer for Black Mirror season 7, giving us a look at its first-ever sequel episode and an unexpected returning character
A graphic of the PC Gaming Show
Get ready for a bounty of PC games on June 8, as the PC Gaming show is back
A close up of The Daily podcast from Pocket Casts' web page
‘Podcasting shouldn’t be locked behind walled gardens’: Pocket Casts slams Spotify and makes its web player free to all
More about security
An American flag flying outside the US Capitol building against a blue sky

The FCC is creating a security council to bolster US defenses against cyberattacks
Ransomware

Microsoft uncovers sleuthy new XCSSET MacOS malware campaign
Google Gemini Flash 2.0 Images

I tried Gemini's new AI image generation tool - here are 5 ways to get the best art from Google's Flash 2.0
See more latest
Most Popular
Google Gemini Flash 2.0 Images
I tried Gemini's new AI image generation tool - here are 5 ways to get the best art from Google's Flash 2.0
Eurocom Raptor X18
At $15,000, this massive 256GB RAM laptop makes Apple's MacBook Pro look affordable, tiny and very, very slow
Dell Pro 75 Plus monitor pictured against a white background.
Dell just launched a $4,000 75-inch 4K touchscreen display - but I've found one rival that's 50% cheaper
An image of the Samsung Galaxy S25 Ultra from a hands-on event
Samsung Galaxy S26 Ultra could resurrect an intriguing camera feature
Quordle on a smartphone held in a hand
Quordle hints and answers for Friday, March 14 (game #1145)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Friday, March 14 (game #642)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Friday, March 14 (game #376)
Verizon logo on a building with blue sky above
Millions of Americans are missing out on cheap unlimited cloud storage - how to check if you are one of them
Cristin Milioti in Black Mirror season 7
Netflix launches trailer for Black Mirror season 7, giving us a look at its first-ever sequel episode and an unexpected returning character
The Toyota FT-Me Concept sitting in a car park
Toyota's self-charging concept EV could help you tackle the daily commute on solar power alone