Final hours! Save up to 55% OFF InvestingProCLAIM SALE

Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says

Published 08/27/2024, 12:38 PM
Updated 08/28/2024, 10:40 AM
© Reuters. FILE PHOTO: A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo

By Raphael Satter

WASHINGTON (Reuters) -A Chinese hacking group exploited a software bug to compromise several internet companies in the United States and abroad, a cybersecurity firm said on Tuesday.

Researchers at the firm Lumen Technologies said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director - a software platform used to manage services for customers of Santa Clara, California-based Versa Networks. It said four U.S. victims and one Indian victim had been identified, although it declined to identify them.

Versa Networks issued an advisory on Monday acknowledging that the vulnerability had been exploited "in at least one known instance" by an advanced group of hackers, and urged customers to update their software to fix the bug. In an email, the company said it had confirmed three victims - including an internet service provider.

Lumen's blog post said that its researchers assessed with "moderate confidence" that the hacking campaign, which kicked off as early as June 12, was carried out by an alleged Chinese government-backed group nicknamed "Volt Typhoon." Lumen researcher Ryan English said that the internet companies were targeted for the attackers to surveil their customers.

"They very rarely go in through the front door," he said.

Doug Britton, an executive with Virginia-based RunSafe Security, said the research appeared sound and that the access described by Lumen would allow a group like Volt Typhoon "the ability to do broad, silent surveillance."

The Chinese Embassy in Washington said in a statement late Tuesday that “Volt Typhoon” was actually a gang of cybercriminals and was not "sponsored by any state or region." It accused the U.S. intelligence community of collaborating with cybersecurity companies to gin up the threat of  the "so-called Chinese government’s support for cyber attacks against the U.S."

© Reuters. FILE PHOTO: A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS/Kacper Pempel/Illustration/File Photo

Brandon Wales, the recently departed executive director of CISA, was quoted by the Washington Post on Tuesday saying that China's hacking effort had "dramatically stepped up from where it used to be."

Volt Typhoon has emerged as a group of particular concern to U.S. cybersecurity officials. In April, FBI Director Christopher Wray said China was developing the "ability to physically wreak havoc" on U.S. critical infrastructure.

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.