This site may contain outdated or incomplete information.
Compromised Comm100 Live Chat Application Infects Customers
Comm100 is a customer engagement software provider with at least 15,000 customers across 51 countries. The company’s website distributed a Trojanized “Live Chat” installer, signed with a valid Comm100 Network Corporation certificate, from at least September 27 until September 29, 2022.
Impact
According to CrowdStrike “the trojanized file was identified at organizations in the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe”.
“The Comm100 installer is an Electron application in which the attackers injected a JavaScript backdoor, within the main.js file of the embedded archive. When executed, the backdoor fetches and runs a second-stage script from an external resource” that “provides the attackers with remote shell functionality.”
An updated Comm100 installer has been released.
Type of Compromise
This incident fits the Publishing Infrastructure definition.
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.