They warn that Chinese hackers have manipulated a widely used Canadian chat program

They warn that Chinese hackers have manipulated a widely used Canadian chat program
Experts believe the malware had been around for a few days (EFE/Sascha Steinbach)

Suspected Chinese hackers manipulated widely used software distributed by a small Canadian customer service companyanother example of “supply chain compromise” made infamous by the hack of US networking company SolarWinds.

US cybersecurity firm CrowdStrike will say in an upcoming blog post, seen by the agency Reuterswho had discovered malware distributed by Comm100based in Vancouver, which provides customer service products, such as chatbots and social media management tools, to a number of customers around the world.

The scope and scale of the hack was not immediately clear. In a post, Comm100 said it patched its software early Thursday and more details would be available soon. The company did not immediately respond to requests for information.

CrowdStrike Researchers they believe the malware had been in circulation for a few daysbut did not say how many businesses had been affected, saying only that “entities across a range of industries” were affected.

Comm100, on its website, said it had more than 15,000 customers in approximately 80 countries.

CrowdStrike executive Adam Meyers said in a phone interview that the hackers involved were believed to be Chinese, citing hacker behavior patterns, the language of the code and the fact that one of the hack victims had been repeatedly targeted by Chinese hackers in the past.

The Chinese Embassy in Washington did not immediately return messages seeking comment. Beijing generally denies these accusations.

Supply chain attacks – which involve manipulating a widely used computer program to hack into its users – have been a growing concern since suspected Russian hackers broke into Texas-based IT management firm SolarWinds Corp and used it as a springboard to hack into US government agencies and a number of private companies.

Meyers – whose company was among those responding to the SolarWinds hack – said the discovery of Comm100 was a reminder that other countries were using the same techniques. “China is carrying out attacks on the supply chain”said.

(By Raphaël Satter and Christopher Bing – Reuters)

Continue reading:

Compelling Washington Post editorial: How the machine works to silence dissent in Venezuela
Fort Myers: A Paradise Turned to Ruins by Hurricane Ian
The most impactful sentences of the confrontation between Bolsonaro and Lula during the presidential debate in Brazil

Theodore Davis

"Entrepreneur. Amateur gamer. Zombie advocate. Infuriatingly humble communicator. Proud reader."

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *