Chinese hackers exploit software flaw to breach internet firms in US and India

Updated on 29-Aug-2024
HIGHLIGHTS

A group of Chinese hackers has exploited a software bug to breach internet companies in the United States and India.

The researchers at Lumen Technologies revealed that the hackers took advantage of a previously unknown vulnerability in Versa Director.

The hacking campaign was carried out by a group known as "Volt Typhoon."

A group of Chinese hackers has exploited a software bug to breach several internet companies in the United States and India. The researchers at Lumen Technologies revealed in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director, a software platform used by Santa Clara-based Versa Networks to manage services for its customers.

Lumen Technologies identified four victims in the US and one in another country, though it did not disclose the names of the affected companies. According to a report by Reuters, the non-US victim is one of the Indian companies.

Versa Networks acknowledged the vulnerability on Monday, stating that it had been exploited “in at least one known instance” by an advanced hacking group. The company urged customers to update their software to patch the flaw and confirmed that three victims had been verified, including an internet service provider.

Lumen’s researchers believe with “moderate confidence” that the hacking campaign, which began around June 12, was carried out by a group known as “Volt Typhoon.” This group is alleged to be backed by the Chinese government. Lumen researcher Ryan English said the attackers targeted internet companies to spy on their customers, adding, “They very rarely go in through the front door.”

Doug Britton, an executive with Virginia-based RunSafe Security, supported Lumen’s findings, stating that the level of access described would allow a group like Volt Typhoon “the ability to do broad, silent surveillance.”

The Chinese Embassy in Washington responded on Tuesday, denying any government involvement. The embassy claimed that “Volt Typhoon” was merely a gang of cybercriminals and not state-sponsored. It also accused the US intelligence community of collaborating with cybersecurity firms to exaggerate the threat posed by alleged Chinese government-backed cyberattacks.

Brandon Wales, the recently departed executive director of CISA, noted that China’s hacking efforts had “dramatically stepped up from where it used to be.” In April, FBI Director Christopher Wray warned that China was developing the “ability to physically wreak havoc” on US critical infrastructure.

Ayushi Jain
