Programming question for a story idea.

Posted: 2020-06-12 06:39pm
by Lord Revan
I was wondering for a story how realistic would it be for someone to sneak a computer virus as an official OS patch, as in trying to sneak a virus into a system by making it think it was downloading an official update even though in truth it was downloading the virus. Would this be "not worth the cost" even for a state actor?

Re: Programming question for a story idea.

Posted: 2020-06-12 08:41pm
by Jub
It would be far easier to get insider information about a security loophole, likely one due to be patched shortly, and use that as an attack vector.

Re: Programming question for a story idea.

Posted: 2020-06-12 11:29pm
by DaZergRock54444
Pretty sure that most sensible OS vendors have their update servers locked down such that unless the company was compromised not much is getting in. Similar issue with telling the target system to download your "patch", since that'd be so close to the root config that changing it for malicious intent means that you're either such a master of social engineering that you can convince Barb the tech-illiterate secretary to ignore all of the "Warning! Do Not Touch!" popups on such a setting or have already massively compromised the system anyway. Altering the patch in transit will trip the signature validator, so that's out.

TL;DR: Jub is right, gain some sort of information regarding an existing vulnerability and exploit the hell out of it. It's how WannaCry happened.
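Added example, not part of the thread: a minimal Go sketch of the signature check the post above refers to, showing why a patch altered in transit or signed with any key other than the vendor's is rejected. The `Manifest` layout, the function names and the sample payload are assumptions made for illustration, not any real vendor's update format.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Manifest is a hypothetical update descriptor: the vendor signs the version
// plus the SHA-256 of the patch, so the patch bytes are covered by the signature.
type Manifest struct {
	Version string
	Digest  [32]byte
	Sig     []byte
}

func (m Manifest) signedBytes() []byte {
	return append([]byte(m.Version+"\x00"), m.Digest[:]...)
}

// DemoKey makes a throwaway key pair (constructed for this example).
func DemoKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	return pub, priv
}

// SignUpdate runs on the vendor's build system, the only holder of the private key.
func SignUpdate(priv ed25519.PrivateKey, version string, patch []byte) Manifest {
	m := Manifest{Version: version, Digest: sha256.Sum256(patch)}
	m.Sig = ed25519.Sign(priv, m.signedBytes())
	return m
}

// VerifyUpdate runs on the client, which trusts only the pinned vendor public key.
func VerifyUpdate(pinned ed25519.PublicKey, m Manifest, patch []byte) error {
	if !ed25519.Verify(pinned, m.signedBytes(), m.Sig) {
		return errors.New("manifest not signed by the pinned vendor key")
	}
	if d := sha256.Sum256(patch); !bytes.Equal(d[:], m.Digest[:]) {
		return errors.New("patch does not match the signed digest")
	}
	return nil
}

func main() {
	vendorPub, vendorPriv := DemoKey()
	_, otherPriv := DemoKey()
	patch := []byte("constructed patch payload")
	m := SignUpdate(vendorPriv, "1.0.1", patch)
	fmt.Println("genuine:", VerifyUpdate(vendorPub, m, patch))
	fmt.Println("altered in transit:", VerifyUpdate(vendorPub, m, append(patch, 'X')))
	fmt.Println("other signer:", VerifyUpdate(vendorPub, SignUpdate(otherPriv, "1.0.1", patch), patch))
}
```

The check only holds while the vendor's private key stays with the vendor and the client's pinned public key cannot be swapped, which is the "major internal compromise" condition the replies describe.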

Re: Programming question for a story idea.

Posted: 2020-06-13 09:12am
by Solauren
Lord Revan wrote: 2020-06-12 06:39pm I was wondering for a story how realistic would it be for someone to sneak a computer virus as an official OS patch, as in trying to sneak a virus into a system by making it think it was downloading an official update even though in truth it was downloading the virus. Would this be "not worth the cost" even for a state actor?
Were you watching the old TV Show REBOOT?

And yeah, as discussed, not likely to happen without major internal compromise within the company.

Of course, that doesn't prevent someone from making a LINUX variant and adding hidden coding.

Re: Programming question for a story idea.

Posted: 2020-06-13 01:51pm
by Ace Pace
Lord Revan wrote: 2020-06-12 06:39pm I was wondering for a story how realistic would it be for someone to sneak a computer virus as an official OS patch, as in trying to sneak a virus into a system by making it think it was downloading an official update even though in truth it was downloading the virus. Would this be "not worth the cost" even for a state actor?
Easy, happens in Linux world. Random example.

In Windows, this last seriously happened in 2012, Flame used it for lateral movement but could have used it in an internet scale attack (given DNS compromise).

The Curveball vulnerability from 2020 could also have (nearly!) allowed attackers to spoof Windows patches (but Flame made them super paranoid and they mitigated it).