PLEAD

PLEAD is a sophisticated malware, suspected to be associated with the Chinese APT group known as BlackTech. First observed in the wild in 2015, it was discovered by ESET researchers in 2019 that BlackTech was using compromised ASUS routers to perform Man-in-the-Middle (MitM) attacks and deliver the PLEAD malware through ASUS WebStorage software updates. The malware, also referred to as TSCookie in some instances, was concealed in legitimate looking software updates from Asus and uploaded to victim systems by modifying the DNS resolution of asus.com. Once inside, PLEAD had the ability to steal data from victim organizations, exhibiting innovative capabilities such as eavesdropping and performing DNS and HTTP hijacking, previously seen in campaigns like ZuoRat, VPNFilter, Attor, and Cuttlefish. In a related development, two foreign nationals pleaded guilty to participation in the LockBit Ransomware Group, which has been linked to similar cyberattacks. In another case, Bowser plead guilty to two out of eleven charges and was sentenced to 40 months in prison and a $4.5 million fine, later increased by $10 million. It's important to note that these cases underscore the global nature of cybercrime and the increasing sophistication of malicious actors in exploiting vulnerabilities in widely used software and hardware. Moreover, Sellafield, a British nuclear decommissioning company, plead guilty to all charges brought by the Office for Nuclear Regulation (ONR) in June 2024. The specifics of the charges are not detailed, but it is implied that they may relate to cybersecurity lapses or other infractions. These incidents highlight the importance of robust cybersecurity measures across all sectors, especially those dealing with sensitive information or infrastructure.