Raphael Sutter
WASHINGTON (Reuters) – A group of Chinese hackers exploited software bugs to break into several internet companies in the United States and overseas, a cybersecurity company said on Tuesday.
Researchers at Lumen Technologies said in a blog post that the hackers exploited a previously unknown vulnerability in Versa Director, a software platform used to manage services for customers of Santa Clara, Calif.-based Versa Networks Inc. The company said four of the victims were identified as U.S. nationals and one as an Indian national, but did not disclose their identities.
Versa Networks issued an advisory on Monday acknowledging that the vulnerability had been exploited by a sophisticated group of hackers in “at least one known instance” and urged customers to update their software to fix the bug.
Lumen’s blog post said the company’s researchers assessed with “medium confidence” that the hacking attack, which began on June 12, was carried out by a Chinese government-backed group nicknamed “Bolt Typhoon.” Lumen researcher Ryan English said the attackers targeted internet companies to spy on their customers.
“Very rarely does anyone come through the front door,” he says.
Doug Britton, executive director of Virginia-based Ransafe Security, said the investigation was reasonable and that the access Lumen described would give a group like Bolt Typhoon “wide-reaching, covert surveillance capabilities.”
The Chinese Embassy in Washington did not respond to a request for comment, but the Chinese government has consistently denied any allegations of involvement in cyberespionage. On Friday, the US Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of “known exploited vulnerabilities.”
The Washington Post on Tuesday quoted recently retired CISA Director Brandon Wales as saying that China’s hacking operations have “intensified dramatically more than they have in the past.”
The Bolt Typhoon has emerged as a group of particular concern to U.S. cybersecurity officials: In April, FBI Director Christopher Wray said China was developing “the capability to wreak physical havoc” on U.S. critical infrastructure.
