HISWAI shows you what’s connected to topics that interest you, and where to find more. HISWAI members can curate information with dashboards to gain insights, proper context and stay up to date on the latest relevant information. Sharing these discoveries with others is easy too!
Date: 2022-09-30 21:10:39
Tags for this article:
U.S. cybersecurity firm CrowdStrike will say in an upcoming blog post seen by Reuters that it had discovered malicious software being distributed by Vancouver-based Comm100, which provides customer service products, such as chat bots and social media management tools, to a range of clients around the globe.
The scope and scale of the hack wasn't immediately clear. In a message, Comm100 said it had fixed its software earlier Thursday and that more details would soon be forthcoming. The company did not immediately respond to follow-up requests for information.
Comm100 on its website said it had more than 15,000 customers in some 80 countries.
CrowdStrike executive Adam Meyers said in a telephone interview that the hackers involved were suspected to be Chinese, citing the hackers' patterns of behavior, language in the code, and the fact that one of the hack's victims had repeatedly been targeted by Chinese hackers in the past.
Supply chain compromises - which work by tampering with a widely used piece of software in order to hack its users downstream - have been of increasing concern since alleged Russian hackers broke into Texas IT management firm SolarWinds Corp and used it as a springboard to hack U.S. government agencies and a host of private firms.
Meyers - whose firm was among those that responded to the SolarWinds hack - said the Comm100 find was a reminder that other nations used the same techniques.
"China is engaging in supply chain attacks," he said.