WASHINGTON, Sept 30 (Reuters) – Suspected Chinese hackers tampered with software widely distributed by a small Canadian customer service company, another example of a “supply chain compromise” made infamous by the hack at US networking company SolarWinds.
US cybersecurity firm CrowdStrike said in a blog post that it had discovered malware distributed by Vancouver-based Comm100, which offers customer service products such as chat bots and social media management tools , to a number of clients around the world.
The scope and scale of the hack were not immediately clear. In a message, Comm100 said it had fixed its software earlier Thursday and that more details would be released soon. The company did not immediately respond to requests for follow-up information.
Register now for FREE, unlimited access to Reuters.comRegister
CrowdStrike researchers believe the malware was in circulation for a couple of days, but did not say how many companies were affected, only disclosing that “entities across multiple industries” were affected. A person familiar with the matter said there were a dozen known victims, although the actual number could be much higher.
Comm100 on its website said it had more than 15,000 customers in about 80 countries.
CrowdStrike executive Adam Meyers said in a phone interview that the hackers involved were suspected to be Chinese, citing the hackers’ behavioral patterns, the language of the code and the fact that one of the hacking victims had has been repeatedly attacked by Chinese hackers in the past.
The Chinese embassy in Washington did not immediately return messages seeking comment. Beijing regularly denies these accusations.
Supply chain compromises, which work by manipulating widely used software in order to hack its downstream users, have been a growing concern since suspected Russian hackers broke into Texas IT management company SolarWinds Corp ( SWI.N ) and used it as a springboard to hack into U.S. government agencies and a number of private companies.
Meyers, whose company was among those responding to the SolarWinds hack, said the Comm100 find was a reminder that other nations were using the same techniques.
“China is engaging in supply chain attacks,” he said.
Register now for FREE, unlimited access to Reuters.comRegister
Reporting by Raphael Satter and Christopher Bing; Editing by Chris Sanders and Jonathan Oatis
Our standards: the Thomson Reuters Trust Principles.
Christopher Bing
Thomson Reuters
Award-winning reporter covering the intersection of technology and national security with a focus on how the evolving cybersecurity landscape affects government and business.