SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit

Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, analysts with Google’s Threat Intelligence Group (GTIG) have warned. The analysts say UNC6148 – as they dubbed the threat group – is likely financially motivated. “An organization targeted by UNC6148 in May 2025 was posted to the ‘World Leaks’ data leak site (DLS) in June 2025, and UNC6148 activity overlaps with publicly … More → The post SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit appeared first on Help Net Security.
http://news.poseidon-us.com/TLy77P

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit

Like this:

Related

More Posts

More than 13,400 feds submit retirement paperwork in June

Dymocks modernises system used to manage 40 million products

NoName057(16) cybercrime group targeted in global operation

Ex-intelligence officer jailed for stealing bitcoin from Silk Road 2.0 operator

Village Roadshow uses predictive rostering for its casual workforce

What Is a Project Portfolio? Definition, Example and How to Manage One

Risk management, legacy tech pose major threats to healthcare sector

AWS streamlines Marketplace for agentic era

Is the Trump Administration moving the needle on digital identity management?

Is the Trump Administration moving the needle on digital identity management?

Share this:

Like this:

Related

More Posts