

China Sneaks Malicious Chipset onto Wide Range of Devices

An investigation that has been under way since 2015 has revealed a Chinese cyber-operation that compromised a significant number of devices. The victims of this attack include the U.S. Intelligence Community, the U.S. military, and corporations like Apple and Amazon. The attack was carried out using a microchip smaller than a grain of rice. The chip contains only a couple of lines of code and was installed on motherboards made by Supermicro. Those lines of code instruct the servers in which the motherboards are installed to be open to outside modification and allow attackers to send code to the computers remotely, giving them backdoor access into a significant number of devices. It is also believed that the chips would allow remote kill commands to destroy affected devices and would give attackers a method of sending false data to targeted systems. The attack was found only after Amazon began investigating a company called Elemental and had a number of Elemental's servers sent out for a full inspection, during which the chips were discovered.