Search This Blog

Powered by Blogger.

Blog Archive

Labels

Experts Reported Data Theft in Dozens of Companies Through Modified 1C Modules

The attackers stole the personal information of several dozen companies using a new malicious code in 1C modules.

 

RTM Group found the malicious code in the finalized 1C software by outsourced programmers. Experts estimate that with its help the fraudsters could steal the data of several dozens of companies. 1C called the described scheme technically imperfect and recognized that the platform modules can be finalized by third-party specialists and subsequently used by criminals. 

A representative of the information security company RTM Group said that the data of several dozen companies were stolen through malicious code in 1C modules, which were being finalized by programmers on outsourcing. 

According to him, at least a third of 1C users order the completion of some modules from third-party programmers who can embed malicious code in them. As a result, such modules, when checking the license key, send the data available in them about customers, payments, and potential contracts to an email address that is pre-registered. 

The victims of the scheme were several dozen companies engaged in the trade or distribution of software. The representative of the RTM Group noted that the materials were sent to law enforcement agencies. 

The representative of 1C called the described scheme technically imperfect since the license check is performed at the "core" level of the system, the code of which is closed. At the same time, he acknowledged that the platform modules can be modified by third-party specialists and used by attackers in the future. 

According to IDC, the share of 1C software in the corporate market in Russia in 2020 was 39.2%. Small and medium-sized businesses, which do not have money for their own IT departments, and they turn to small firms, are at risk of getting to scammers first of all.

“There are hundreds of thousands of 1C programmers in Russia, some of them can really be intruders, especially in the current deteriorating economic environment,” explained Pavel Korostelev, head of the Security Code company’s product promotion department. 

Alexander Dvoryansky, Director of Strategic Communications at Infosecurity a Softline Company, noted that such incidents do not always occur maliciously, as programmers when finalizing the module may use third-party or free software, the source code of which already contains malicious code.
Share it:

1C

Cyber Crime

Data Leakage

Information Leakage

Malicious Codes

Russia