A recent cybersecurity report reveals that a Chinese hacking group has exploited a critical software vulnerability to breach several internet companies both in the U.S. and internationally. The breach was detailed in a blog post by a cybersecurity firm on Tuesday.
According to the firm, the hackers targeted a previously undisclosed flaw in Versa Director, a software platform provided by a Santa Clara, California-based company for managing customer services.
The cybersecurity firm identified four U.S. companies and one international firm as victims of this attack, although specific names were not disclosed. The company had issued an advisory on Monday confirming the exploitation of the vulnerability by an advanced hacking group and urged its customers to update their software to patch the flaw.
The report suggested with “moderate confidence” that the hacking campaign was orchestrated by a Chinese government-backed group known as “Volt Typhoon.” The attacks were reported to have commenced as early as June 12.
Volt Typhoon has become a significant concern for U.S. cybersecurity officials. In April, the FBI Director indicated that China was advancing its capabilities to cause physical damage to U.S. critical infrastructure, noting that Volt Typhoon had infiltrated several key sectors, including telecommunications, energy, and water services.
The Chinese Embassy in Washington did not respond to inquiries about the allegations, with Beijing routinely denying involvement in cyber espionage activities. U.S. officials also refrained from commenting, but the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the Versa vulnerability to its list of “known exploited vulnerabilities” on Friday.
Brandon Wales, the former executive director of CISA, commented to the media on Tuesday, observing that China’s cyber activities have “dramatically stepped up from where they used to be.”
ALSO READ: Russian Foreign Minister Claims Telegram Boss’s Legal Woes Due To ‘Too Free’ Approach
