Login
Israel-Hamas Conflict
Jerome Powell
Donald Trump
Federal Reserve
Artificial Intelligence
Republican Party
Natural Disasters
Social Media
US Politics
Democratic Party
Senate
Cryptocurrency
US Crime
institutional access

You are connecting from
Lake Geneva Public Library,
please login or register to take advantage of your institution's Ground News Plan.

Published loading...Updated

Google Finds Custom Backdoor Being Installed on SonicWall Network Devices

GLOBAL, JUL 16 – UNC6148 uses stolen credentials and possibly zero-day exploits to maintain persistent access on patched SonicWall VPNs, enabling credential theft and potential extortion, researchers say.

Summary by Ars Technica
Researchers from the Google Threat Intelligence Group said that hackers are compromising SonicWall Secure Mobile Access (SMA) appliances, which sit at the edge of enterprise networks and manage and secure access by mobile devices. The targeted devices are end of life, meaning they no longer receive regular updates for stability and security. Despite the status, many organizations continue to rely on them. That has left them prime targets by UNC6…

7 Articles

Ars TechnicaArs Technica
Center

Google finds custom backdoor being installed on SonicWall network devices

Researchers from the Google Threat Intelligence Group said that hackers are compromising SonicWall Secure Mobile Access (SMA) appliances, which sit at the edge of enterprise networks and manage and secure access by mobile devices. The targeted devices are end of life, meaning they no longer receive regular updates for stability and security. Despite the status, many organizations continue to rely on them. That has left them prime targets by UNC6…

·United States
Read Full Article
CyberScoopCyberScoop
Center

SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices

A financially motivated threat group is attacking organizations using fully patched, end-of-life SonicWall Secure Mobile Access 100 series appliances, Google Threat Intelligence Group said in a report released Wednesday. The group, which Google identifies as UNC6148, is using previously stolen admin credentials to gain access to SonicWall SMA 100 series appliances, remote access VPN devices the vendor stopped selling and supporting earlier this …

Read Full Article
The RegisterThe Register
Center

Crims hijacking fully patched SonicWall VPNs

: Someone's OVERSTEPing the mark

Read Full Article
Cybersecurity DiveCybersecurity Dive
Center

Threat actor targets end-of-life SonicWall SMA 100 appliances in ongoing campaign

The hacker has deployed a backdoor to modify the boot process and has exploited several different vulnerabilities during the attack spree.

Read Full Article
BleepingComputerBleepingComputer
Center

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported SonicWall Secure Mobile Access appliances.

Read Full Article
cybernoz.comcybernoz.com

SonicWall SMA Devices Persistently Infected With Stealthy OVERSTEP Backdoor And Rootkit - Cybernoz - Cybersecurity News

Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent backdoor / rootkit, analysts with Google’s Threat Intelligence Group (GTIG) have warned. The analysts say UNC6148 – as they dubbed the threat group – is likely financially motivated. “An organization targeted by UNC6148 in May 2025 was posted to the ‘World Leaks’ data leak site (DLS) in June 2025,…

Read Full Article
Think freely.Subscribe and get full access to Ground NewsSubscriptions start at $9.99/yearSubscribe

Bias Distribution

  • 100% of the sources are Center
100% Center
Factuality

To view factuality data please Upgrade to Premium

Ownership

To view ownership data please Upgrade to Vantage

BleepingComputer broke the news in on Wednesday, July 16, 2025.
Sources are mostly out of (0)

Similar News Topics

Google icon

Google

Technology icon

Technology

News
For You
SearchBlindspotLocal