

TechAmok (ggmania.com subsite)

China-linked hackers suspected of exploiting zero-day flaw in software used by ISPs - [security]
09:59 AM EDT - Aug,28 2024

Black Lotus Labs has discovered a zero-day vulnerability in Versa Director servers, a virtualization platform widely used by ISPs and managed service providers. This vulnerability, potentially linked to Chinese state-sponsored hacker groups, poses a significant risk to these organizations.

Identified as CVE-2024-39717, this critical flaw was publicly announced on August 22, 2024, and affects all versions of Versa Director software prior to version 22.1.4. The vulnerability is particularly concerning for ISPs and MSPs, as they depend on Versa's software-defined wide area network (SD-WAN) applications to manage network configurations.

The vulnerability's discovery has caused alarm due to its potential to penetrate enterprise networks via Versa Director servers, which are responsible for essential network functions. Black Lotus Labs identified a custom web shell, named "VersaMem," that exploits this flaw to extract login credentials. A notable feature of VersaMem is its modularity, which allows it to load additional Java code directly into the server's memory, effectively evading detection.

Global monitoring data from Black Lotus Labs reveals that the vulnerability has been exploited through compromised small-office/home-office devices in attacks targeting four victims in the United States and one abroad. These attacks, primarily affecting the ISP, MSP, and IT sectors, have been ongoing since June 12, 2024. The attackers initially gain access by exploiting an exposed management port on the Versa Director, designed for connecting Director nodes for high availability, which they then use to deploy the VersaMem web shell. Black Lotus Labs suspects that Chinese state-sponsored hacker groups, known as Volt Typhoon and Bronze Silhouette, are orchestrating the exploitation of this vulnerability. Their analysis indicates that Volt Typhoon is actively targeting unpatched Versa Director systems.

