Chinese cyber espionage group Bolt Typhoonhave been linked to attacks on internet companies in the United States and India. It has now emerged that software products used by IT service providers may have been exploited by these malicious actors.
what happened: This group is exploiting zero-day vulnerabilities Versa Directoris a software product that is widely used by internet and IT service providers, Krebs on Security reported earlier this week.
The Versa Director system is primarily used by Internet Service Providers (ISPs) and Managed Service Providers (MSPs) who serve the IT needs of many small and medium-sized businesses.
The researchers believe the Bolt Typhoon’s purpose is to prepare for a possible communications blackout between the US and Asia in the event of a future armed conflict with China, the report added.
On August 26, Versa issued a security advisory urging customers to patch the vulnerability (CVE-2024-39717), which has been fixed in Versa Director 22.1.4 and later.
See: Steve Jobs once said that he became a billionaire at the age of 23, had $10 million by 24, and $100 million by 25. This is why he decided to stay on a $1 salary for his entire time at Apple.
According to Michael HolkaSenior Lead Information Security Engineer Black Lotus LabThe earliest known exploit activity occurred on June 12, 2024 at a US ISP.
In a blog post earlier this week, Holka said that “Lumen Technologies’ Black Lotus Labs team has discovered a zero-day vulnerability in Versa Director servers that is being actively exploited in the wild.”
According to the report, Black Lotus Labs assessed that Bolt Typhoon was the source of the intrusion.
Subscribe Benzinga Tech Trends Newsletter We’ll send you all the latest technological developments via email.
Why is this important?The Volt Typhoon group has been under the radar of US security agencies for some time: In May 2023, Microsoft accused Chinese hackers of spying on critical US infrastructure and Guam.
Previously, the National Security Agency (NSA), Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) issued a joint warning about the cyberespionage ring.
By February 2024, the FBI director was warning about the Chinese cyber threat, calling the situation the “tip of the iceberg.” He highlighted how Bolt Typhoon had covertly placed offensive malware on U.S. critical infrastructure networks.
In late April, F.B.I. Christopher Wray He warned that Chinese government-backed hackers could take control of critical U.S. infrastructure at any time and “wreak havoc.”
See more consumer tech articles from Benzinga Follow this link.
Read next:
Disclaimer: This content was produced in part with the help of AI tools and was reviewed and published by Benzinga editors.
Image courtesy of Shutterstock
Market news and data provided by Benzinga API
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
