Evasive Panda Compromises ISP to Distribute Malicious Software Updates
The group used DNS poisoning to redirect software update queries to attacker-controlled servers, infecting victims with malware. Volexity detected one attack in Hong Kong, which ceased when the ISP took action.