Chinese Spying Chips Found In US Servers

A media report revealed details of a big supply chain attack which appears to be one of the largest corporate espionage and hardware hacking programs funded by a nation.

According to a extensive report published by Bloomberg, a small surveillance chip, has been found hidden in the servers used by nearly 30 American companies, including Apple and Amazon. The malicious chips, which were not part of the original server motherboards designed by the U.S company Super Micro, had been inserted during the assembly process in China.

The report, based on a 3-year-long top-secret investigation in the United States, explains that the Chinese government groups managed to infiltrate the supply chain to install tiny surveillance chips to motherboards which ended up in servers used by U.S. military, U.S. intelligence agencies, and big companies like Apple and Amazon.

“Apple made its discovery of suspicious chips inside Supermicro servers around May 2015, after detecting odd network activity and firmware problems, according to a person familiar with the timeline,” the report stated.

“Since the implants were small, the amount of code they contained was small as well. But they were capable of doing two very important things: telling the device to communicate with one of several anonymous computers elsewhere on the internet that were loaded with more complex code; and preparing the device’s operating system to accept this new code.”

These chips have been added to help Chinese government spy on American companies and their users, which is basically a “hardware hack” that according to the report is “more difficult to pull off and potentially more devastating, promising the kind of long-term, stealth access that spy agencies are willing to invest millions of dollars and many years to get.”

Depending on the motherboard model, the chips varied slightly in size and installation place, suggesting that the attackers had supplied different assembly lines with different batches,” the report said.

The Bloomberg publication claims that Apple and Amazon found these chips on their servers  in 2015 and reported it to authorities, though both Apple and Amazon strongly disagree with the claims.

 

Recent Articles

Hackers Install Secret Backdoor on Thousands of Microsoft SQL Servers

Cybersecurity researchers today uncovered a sustained malicious campaign dating back to May 2018 that targets Windows machines running MS-SQL servers to deploy...

COVID-19: SentinelOne Offers Free Platform Access

As the world battles COVID-19, enterprises are coping with immediate work-from-home needs and the challenges of protection beyond the network perimeter, says...

XSS vulnerability in the HTML Data Processor for CKEditor 4.0

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web...

Unpatchable Flaw Affects All Intel CPUs Released in Last 5 Years

All Intel processors released in the past 5 years contain an unpatchable vulnerability that could allow hackers to compromise almost every hardware-enabled...

Photon: Light and Fast Web Crawler

Photon is a lightning fast web crawler which extracts URLs, files, intel & endpoints from a target. 160 requests per second while extensive...

Related Stories

Leave A Reply

Please enter your comment!
Please enter your name here

Stay on op - Ge the daily news in your inbox