Companies using the 3D computer graphics application known as 3Ds Max have become the target of mercenary hackers, says security company Bitdefender.
The hackers behind the attacks have been found to store their malicious code in the 3Ds Max plugins by software developing giant Autodesk. This instance of the plugin being used as a disguise for malware was already known to the company a couple of weeks ago.
Earlier in August, Autodesk informed users about a malicious plugin called “PhysXPluginMfx”. And as per the alert posted by the developer, the plugin was said to run malicious MAXScript operations that would corrupt the software’s settings and infect other users, among other things.
However, upon deeper investigation of the plugin, Romanian cybersecurity firm Bitdefender found that its purpose was to actually launch a backdoor Trojan horse virus. And with its help, the firm specified, the hackers behind the attack are able to search infected computers for sensitive and important information.
At least one major architectural and video production company was confirmed to have been targeted by this attack. And as Bitdefender’s investigation revealed, the hacker group was using a command and control server in South Korea.
However, samples of this same malware reportedly made connections to the server from a series of other locations around the world, including the United States and South Africa. This suggests that there may very well be victims in these countries, as well, that have not yet been confirmed.
Bitdefender concluded that the attack was carried out with a high level of sophistication. And all the evidence suggests that the hacker group has been active for at least a month now.