The U.S. government has warned that multiple cybercriminal gangs, including a nation state-backed hacking group, exploited a four-year-old software vulnerability in order to compromise a U.S. federal government agency.
A joint alert released by CISA, the FBI, and the Multi-State Information Sharing and Analysis Center (known as MS-ISAC) on Wednesday revealed that hackers from multiple groups exploited known vulnerabilities in Telerik, a user interface tool for web servers. This software — designed for building components and themes for web applications — was running on the U.S. agency’s internet-facing web server.
CISA did not name the breached federal civilian executive branch (FCEB) agency, a list that includes the Department of Homeland Security, the Department of the Treasury and the Federal Trade Commission.
The Telerik vulnerability, tracked as CVE-2019-18935 with a vulnerability severity rating of 9.8 out of 10.0, is ranked among the most commonly exploited vulnerabilities in 2020 and 2021. The bug was first discovered in 2019 and the U.S. National Security Agency previously warned that it had been actively exploited by Chinese state-sponsored hackers to target computer networks that hold “sensitive intellectual property, economic, political, and military information.”