Justice AV Solutions' (JAVS) Viewer software, version 8.3.7, was found to contain a backdoored installer, allowing attackers to take control of affected systems. This issue was identified by Rapid7, leading to a recommendation for users to completely re-image their systems and reset credentials. The backdoored installer was traced back to a binary downloaded from the official JAVS site, which also contained encoded PowerShell scripts linked to the GateDoor/Rustdoor malware family. JAVS responded quickly, removing the compromised version from their site and conducting a full internal audit. They advised users to verify digital signatures on JAVS software and to stay updated with software releases and security patches.

https://www.rapid7.com/blog/post/2024/05/23/cve-2024-4978-backdoored-justice-av-solutions-viewer-software-used-in-apparent-supply-chain-attack/

#cybersecurity #javs #vulnerability #backdoor #gatedoor #rustdoor #malware #powershell #script #rapid7