Atlassian Under Siege From Chinese Hackers, Microsoft Discovers
The tech giant's threat intelligence team detected the intrusion, identifying the culprits as a nation-state threat actor dubbed Storm-0062, previously linked to China, as per the company tweet.
Earlier this year, Microsoft admitted a series of technical errors, including the hacking of one of its engineers, resulted in the Chinese government gaining access to the emails of high-ranking officials in the Biden administration.
Storm-0062 exploited a flaw in the Atlassian Confluence Data Center and Server, a popular collaborative wiki system utilized globally. The exploitation of this vulnerability tracked as CVE-2023-22515 began on Sept. 14, three weeks before Atlassian disclosed it to the public on Oct. 4, TechCrunch reported.
The vulnerability was rated at a maximum of 10.0, indicating its critical nature. It allowed remote attackers to create unauthorized administrator accounts, granting them access to Confluence servers. Atlassian, while confirming the exploitation by a known nation-state actor, had not directly linked the activity to China.
Ana Keltchina, a spokesperson for Atlassian, emphasized the company's commitment to customer security during this vulnerability. Collaborative efforts with Microsoft are underway to gather more information and assist customers in responding to the security threat.
Atlassian released a patch to address the flaw, specifically impacting on-premises Confluence Data Center and Server instances. Users need to upgrade their systems immediately to mitigate the risk of exploitation.
The incident came as the U.S. and China are already battling intensifying geopolitical tensions.
Price Action: TEAM shares traded lower by 2.39% at $201.07 at last check Wednesday.
Disclaimer: This content was partially produced with the help of AI tools and was reviewed and published by Benzinga editors.
© 2023 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.