China’s state-sponsored hacking campaign Volt Typhoon is exploiting a bug in a California startup to hack US and Indian internet companies, security researchers say.
Volt Typhoon has compromised four U.S. companies, including internet service providers, and another in India via a vulnerability in a Versa Networks server product, according to Black Lotus Labs, a unit of Lumen Technologies. Its assessment, much of which was published in a blog post on Tuesday, concluded with “moderate confidence” that Volt Typhoon was behind the breaches of unpatched Versa systems and said the exploit was likely ongoing.
Versa, a company that makes network configuration management software and has attracted investment from Blackrock and Sequoia Capital, disclosed the bug last week and offered a patch and other fixes.
