Trojanized, Signed Comm100 Chat Installer Anchors Supply Chain AttackTrojanized, Signed Comm100 Chat Installer Anchors Supply Chain Attack
Malicious Comm100 files have been found scattered throughout North America, and across sectors including tech, healthcare, manufacturing, telecom, insurance, and others.
September 30, 2022
A new supply chain attack uses a Trojanized version of the Comm 100 Live Chat Application to compromise networks, and until Sept. 29, it was actively available for download from Comm 100's official website.
The Comm100 Live Chat application enables organizations to communicate with real-time chat and boasts more than 15,000 customers across 51 countries.
Researchers with CrowdStrike reported the malicious Comm100 installer was available for download on the company's website and was signed on Sept. 26.
Following the CrowdStrike disclosure, Comm100 has released an updated installer (10.0.9) on Thursday and is performing a deep analysis to learn more about the attack, the researchers said.
Despite the relatively short lifespan of the supply chain attack, the malware was able to infect several organizations, with some infections still active.
"The trojanized file was identified at organizations in the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe," the report on the supply chain attack said.
The CrowdStrike team members added they are moderately confident the threat actors are from China, based on several factors, including the use of the Chinese language in notes in the code.
About the Author(s)
You May Also Like
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingDec 12, 2023
SecOps & DevSecOps in the CloudDec 14, 2023
What's In Your Cloud?Jan 17, 2024
Everything You Need to Know About DNS AttacksJan 18, 2024