Chinese hackers exploited bug to compromise internet companies, cybersecurity firm says

Lumen said it assessed the hacking campaign in the US and abroad was carried by alleged Chinese government-backed group ‘Volt Typhoon’

Reading Time:2 minutes

US telecoms firm Lumen said Chinese hackers exploited a software bug to compromise several internet companies in the US and abroad. Photo: Shutterstock

Published: 1:38am, 28 Aug 2024Updated: 1:58pm, 28 Aug 2024

A Chinese hacking group exploited a software bug to compromise several internet companies in the United States and abroad, a cybersecurity firm said on Tuesday.

Researchers at the firm, Lumen Technologies, said in a blog post that the hackers took advantage of a previously unknown vulnerability in Versa Director – a software platform used to manage services for customers of Santa Clara, California-based Versa Networks.

It said four US targets and one non-US victim had been identified. Lumen did not name the victims and did not immediately respond to a request seeking further details.

Versa Networks issued an advisory on Monday acknowledging that the vulnerability had been exploited “in at least one known instance” by an advanced group of hackers, and urged customers to upgrade their software to fix the bug.

FBI director Christopher Wray. Photo: AP

Lumen’s blog post said that its researchers assessed with “moderate confidence” that the hacking campaign was carried by an alleged Chinese government-backed group nicknamed “Volt Typhoon”. The attacks happened as early as June 12, Lumen said.