Malicious software has been found on tools at seven shipping and logistics companies across the globe that pulled the firms’ financial, customer and operational data into a Chinese botnet, MarketWatch reports.
Cyber outfit TrapX first detected the malware in scanner software about six months ago while doing security testing for one shipping company. The botnet — a network of infected computers that is controlled as a group without its owners knowing — was traced to the Lanxiang Vocational School, which is speculated to serve as a hub of anti-U.S. hacking.
TrapX found infections on 16 of its customers' 48 scanners made by a Chinese manufacturer located near the school.
“This is a serious supply-chain issue,” says Carl Wright, general manager of North America for TrapX. “It was only a matter of time before people took advantage of the supply chain to infiltrate our organizations.”