Chinese Hacking Group Exploits Software Bug to Target Internet Companies

A Chinese hacking group exploited a software bug to compromise several internet companies in the United States and abroad, a cybersecurity firm said on Tuesday.

Researchers at the firm Lumen Technologies detailed in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director, a software platform used to manage services for customers of Santa Clara, California-based Versa Networks. The research identified four U.S. victims and one Indian victim, but did not name them.

On Monday, Versa Networks issued an advisory acknowledging the vulnerability had been exploited 'in at least one known instance' by an advanced group of hackers and urged customers to update their software. Lumen researchers attributed the hacking campaign, which began as early as June 12, to 'Volt Typhoon,' a group allegedly backed by the Chinese government, with 'moderate confidence.'

Ryan English, a researcher at Lumen, noted the internet companies were targeted to surveil their customers. Doug Britton of RunSafe Security confirmed the report's findings, indicating that such access would allow 'broad, silent surveillance.'

The Chinese Embassy in Washington denied any state sponsorship for 'Volt Typhoon' and accused the U.S. intelligence community of exaggerating the threat with cybersecurity firms. Brandon Wales, former executive director of CISA, highlighted that China's hacking activity has 'dramatically stepped up.'

In April, FBI Director Christopher Wray expressed concerns over China's ability to disrupt U.S. critical infrastructure.

(With inputs from agencies.)