In a bombshell report earlier this week, Bloomberg revealed that tiny spy chips were planted on Apple and Amazon’s servers by Chinese spies. And yesterday, we saw official responses from the company strongly denying the occurrence of such an incident. The servers in question were made by Supermicro.
Now the latest report tells us that some of those servers were also infiltrated with malware. Both Apple and Facebook have confirmed this fact. However, let me clarify that this malware attack doesn’t mention any involvement of an alleged spy chip.
Facebook says that it found the compromised servers in 2015 and the malware was present on “a limited number of Supermicro hardware” that was used only “for testing purposes confined to our labs.”
Facebook claims that the malware attack did not affect users. However, the situation doesn’t look great for a company dealing with a data breach that affected 50 million people.
Apple, on the other hand, denies it was hit by the microchips, but it acknowledged the discovery of the malware on a single server in 2016. In the official response issued by the company, it cited malware as the reason for dropping Supermicro as a vendor.
According to Bloomberg, a Supermicro online portal that facilitated software updates was breached by Chinese attackers in 2015. After that, the firmware was modified for those network cards that had the malicious code in them.
Even though both the companies have claimed that the malware attack was on a very small scale, the fact that Chinese actors managed to compromise U.S. security, is quite significant. In the upcoming days, it’d be interesting to see the future implications of this revelation.
