University of Michigan Pwned Via Threat Actors Swapping A Classroom Engagement Tool For Malware
The University of Michigan has reported that attackers compromised the download portal for iClicker, a classroom engagement tool, replacing the Mac app with malware that used a fake CAPTCHA to lure users into manually launching the payload. The malware granted attackers persistent access, bypassed Apple security controls, and primarily targeted students, raising concerns about supply chain attacks in education.
Debbie Gordon, CEO and Founder of Cloud Range, had this to say:
“This incident shows how easily attackers can turn a simple user interaction — like clicking a CAPTCHA — into a full compromise. The real question is: how quickly can your team detect and contain it? That’s the essence of incident response readiness. Simulation-based training gives defenders the muscle memory they need to spot behavioral red flags, investigate effectively, and coordinate containment actions in real time — before small lapses become major breaches.”
I have to admit this attack is pretty scary. Hopefully the university does a deep dive to figure out how this happened, because this clearly is a skilled threat actor who came into this with a plan of attack. That means these threat actors should be considered dangerous.
This entry was posted on May 12, 2025 at 2:43 pm and is filed under Commentary with tags Hacked.