Suspected Chinese hackers tampered with widely used Canadian chat program, say researchers

CrowdStrike researchers believe the malicious software was in circulation for a couple of days but wouldn’t say how many companies had been affected, divulging only that “entities across a range of industries” were hit

October 01, 2022 02:40 pm | Updated 02:40 pm IST - WASHINGTON


Suspected Chinese hackers tampered with widely used software distributed by a small Canadian customer service company, in another example of a “supply chain compromise” made infamous by the hack on U.S. networking company SolarWinds.


U.S. cybersecurity firm CrowdStrike will say in an upcoming blog post seen by Reuters that it had discovered malicious software being distributed by Vancouver-based Comm100, which provides customer service products, such as chat bots and social media management tools, to a range of clients around the globe.

The scope and scale of the hack wasn't immediately clear. In a message, Comm100 said it had fixed its software earlier Thursday and that more details would soon be forthcoming. The company did not immediately respond to follow-up requests for information.

CrowdStrike researchers believe the malicious software was in circulation for a couple of days but wouldn’t say how many companies had been affected, divulging only that “entities across a range of industries” were hit.

Comm100 on its website said it had more than 15,000 customers in some 80 countries.

CrowdStrike executive Adam Meyers said in a telephone interview that the hackers involved were suspected to be Chinese, citing the hackers’ patterns of behaviour, language in the code, and the fact that one of the hack's victims had repeatedly been targeted by Chinese hackers in the past.

The Chinese Embassy in Washington did not immediately return messages seeking comment. Beijing regularly denies such allegations.

Supply chain compromises – which work by tampering with a widely used piece of software in order to hack its users downstream – have been of increasing concern since alleged Russian hackers broke into Texas IT management firm SolarWinds Corp. and used it as a springboard to hack U.S. government agencies and a host of private firms.

Meyers – whose firm was among those that responded to the SolarWinds hack – said the Comm100 find was a reminder that other nations used the same techniques.

“China is engaging in supply chain attacks,” he said.
