26.01.2022, 12:29
RTM Group Experts Find Malicious Code in Refined 1C Modules
Source: OREANDA-NEWS
OREANDA-NEWS. Data of several dozens of companies were stolen via malicious code in 1C modules. This is reported by researchers at RTM Group, which provides legal and consulting services in the field of IT and information security.
According to RTM Group malicious code was embedded in software during revision of modules by outsourced programmers. The modules in question were Accounting, Trade Management and Company Management. The company noted that at least a third of 1C users order completion of the system from third-party programmers. "As a result, refined modules at the time of verification of the license key sends information about the client base, payments and potential contracts to a particular e-mail address, pre-specified for this purpose," - say the experts.
A 1C representative told the newspaper that the company has no data on such incidents and the scheme described "does not seem technically feasible", as the license check is performed at the system "core" level, the code of which is closed. He also suggested that customers should only turn to certified partners for revision of the modules.
Solutions from 1C are widely used by Russian companies. According to IDC, which specialises in IT marketing, 1C has a 39.2% share of the Russian enterprise software market in 2020. Around 300,000 IT professionals program in 1C, said Boris Nuraliev, head of 1C, in 2020.
Alexander Dvoryansky, Director of Strategic Communications at Infosecurity a Softline Company, noted that such incidents may not be the result of malicious actions: executors may use third-party or free software in the public domain to perform tasks of revision and modernization of the solution, which source code is already "laced" with malicious software.
Комментарии