Chinese-Made Inventory Scanners Allow Hackers to Track Shipments
Malware traced to China was found on tools at seven shipping and logistics firms.
Malicious software has been found on tools at seven shipping and logistics companies across the globe that pulled the firms’ financial, customer and operational data into a Chinese botnet, MarketWatch reports.
Cyber outfit TrapX first detected the malware in scanner software about six months ago while doing security testing for one shipping company. The botnet — a network of infected computers that is controlled as a group without its owners knowing — was traced to the Lanxiang Vocational School, which is speculated to serve as a hub of anti-U.S. hacking.
TrapX found infections on 16 of its customers' 48 scanners made by a Chinese manufacturer located near the school.
“This is a serious supply-chain issue,” says Carl Wright, general manager of North America for TrapX. “It was only a matter of time before people took advantage of the supply chain to infiltrate our organizations.”
Read the rest at ThreatWatch, Nextgov’s regularly updated index of cyber breaches.