Chinese hackers exploited bug to compromise internet companies: security firm

Researchers at the firm, Lumen Technologies, said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director – a software platform used to manage services for customers of Santa Clara, California-based Versa Networks.

Versa Networks issued an advisory on Monday acknowledging that the vulnerability had been exploited “in at least one known instance” by an advanced group of hackers, and urged customers to upgrade their software to fix the bug.

Lumen’s blog post said that its researchers assessed with “moderate confidence” that the hacking campaign was carried by an alleged Chinese government-backed group nicknamed “Volt Typhoon”. The attacks happened as early as June 12, Lumen said.

The Chinese embassy in Washington did not immediately respond to a request seeking comment, although Beijing routinely denies allegations of its involvement in cyberespionage.

US officials did not immediately respond to a request for comment but on Friday the US Cybersecurity and Infrastructure Security Agency added the Versa vulnerability to its list of “known exploited vulnerabilities”.

Brandon Wales, the recently departed executive director of CISA, was quoted by The Washington Post newspaper on Tuesday as saying China’s hacking effort had “dramatically stepped up from where it used to be”.

Volt Typhoon has emerged as a group of particular concern to US cybersecurity officials.

In April, Federal Bureau of Investigation (FBI) director Christopher Wray said China was developing the “ability to physically wreak havoc” on US critical infrastructure and that Volt Typhoon had burrowed into numerous US telecommunications, energy, water and other critical services companies.