Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says
The hackers took advantage of a previously unknown vulnerability in a software platform
Washington (Reuters): A Chinese hacking group exploited a software bug to compromise several internet companies in the U.S. and abroad, a cybersecurity firm said on Tuesday.
Researchers at the firm, Lumen Technologies (LUMN.N), opens new tab, said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director - a software platform used to manage services for customers of Santa Clara, California-based Versa Networks. It said four U.S. and one non-U.S. victim had been identified. Lumen did not name the victims and did not immediately respond to a request seeking further details.
Versa Networks issued an advisory on Monday acknowledging that the vulnerability had been exploited "in at least one known instance" by an advanced group of hackers, and urged customers to upgrade their software to fix the bug.
Lumen's blog post said that its researchers assessed with "moderate confidence" that the hacking campaign was carried by an alleged Chinese government-backed group nicknamed "Volt Typhoon." The attacks happened as early as June 12, Lumen said.
The Chinese Embassy in Washington did not immediately respond to a request seeking comment, although Beijing routinely denies allegations of its involvement in cyberespionage. U.S. officials did not immediately respond to a request for comment but on Friday the U.S. Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of "known exploited vulnerabilities."
Brandon Wales, the recently departed executive director of CISA, was quoted by the Washington Post on Tuesday saying that China's hacking effort had "dramatically stepped up from where it used to be."
Volt Typhoon has emerged as a group of particular concern to U.S. cybersecurity officials. In April, FBI Director Christopher Wray said China was developing the "ability to physically wreak havoc" on U.S. critical infrastructure and that Volt Typhoon had burrowed into numerous U.S. telecommunications, energy, water and other critical services companies.
Mark Zuckerberg teases upcoming Facebook transformation for 2025
- 5 hours ago
PCB unveils squad for ICC Men’s Champions Trophy 2025
- 6 hours ago
Gold surges to Rs291,800 per tola in Pakistan following global price spike
- 9 hours ago
Journalists unite in nationwide protests over new PECA law
- 4 hours ago
PCB confirms inauguration dates for renovated Gaddafi, National stadiums
- 8 hours ago
The countdown begins: ‘Squid Game’ season 3 premiere date revealed
- 8 hours ago
Punjab imposes 60km/h speed limit for motorcyclists to boost road safety
- 8 hours ago
Colder nights ahead: Karachi's temperature set to drop between 11°C and 14°C
- 3 hours ago
10 Khawarij killed in targeted operations across KP: ISPR
- 7 hours ago
Zardari visits PAF's National Aerospace Science, Technology Park
- 9 hours ago
FBR sets record with highest-ever tax collection for Dec 2024
- 9 hours ago
PhD or administrative experience? Reevaluating the criteria for varsity VCs in Sindh
- 6 hours ago
.jpg&w=3840&q=75)
