Hackers target Confluence
Chinese state-linked hackers have targeted Australian tech giant Atlassian.
Hackers reportedly exploit a severe security vulnerability in the company’s Confluence software to infiltrate customers' systems.
This flaw has been rated with the highest severity due to its potential for anonymous and remote exploitation.
Atlassian informed its customers that a “known nation-state actor is actively exploiting [the vulnerability]” this week.
Microsoft's cybersecurity division has identified this threat actor as Storm-0062, DarkShadow, or Oro0lxy, attributing it to China.
Atlassian has refrained from naming a suspect country.
Atlassian reported the security gap on October 4, which allows hackers to breach Confluence systems and establish administrator accounts.
Subsequently, they can access sensitive information within Confluence or execute further attacks if the system contains details of the victim's broader IT infrastructure.
The cloud-based version of Confluence remains unaffected.
Atlassian urges customers using older versions of Confluence on their own systems to upgrade to versions without the vulnerability.