Dell patches critical flaw exploited by Chinese hackers in
TL;DR
Dell fixed a critical flaw in RecoverPoint for Virtual Machines exploited by Chinese hackers since mid-2024.
Lead
Dell patched a critical flaw in RecoverPoint for Virtual Machines after discovering hackers linked to China had exploited the vulnerability since mid-2024. The issue involved hard-coded credentials in the system, enabling unauthorized access, lateral movement in corporate networks, and malware deployment in virtualized environments.
Development Section
RecoverPoint for Virtual Machines is Dell’s solution for data protection and recovery in virtual machine environments. The flaw stemmed from hard-coded credentials, that is, factory-set passwords embedded in the software code. These credentials gave attackers administrative access even on updated and otherwise protected systems.
Cybersecurity experts say these credentials enabled hacker groups linked to the Chinese government to gain persistent access to corporate servers and move undetected between virtual machines. The attackers installed advanced malware and maintained control for extended periods, increasing the risk of strategic data theft and disruption of critical operations.
Dell was alerted to the flaw following investigations of security incidents at financial and infrastructure companies. The vulnerability was rated high risk because it affects environments that require high availability and resilience, such as databases, healthcare systems, and cloud providers.
In a statement, Dell announced a security update that removes the hard-coded credentials and urged customers to update RecoverPoint for Virtual Machines immediately. The company did not disclose the exact number of affected customers but reaffirmed its security commitment: “We are working with customers and partners to ensure all systems are protected.”
Developments and Outlook
The incident highlights the need to eliminate unsafe practices like hard-coded credentials in corporate software. The attack, attributed to hackers linked to China, exemplifies how state actors exploit such vulnerabilities for espionage and digital sabotage.
Companies using RecoverPoint for Virtual Machines should prioritize applying patches, review internal security policies, and monitor for unauthorized access and signs of compromise. Experts recommend regular audits to detect embedded credentials and similar flaws in critical systems.
The case underscores that even major vendors like Dell can be entry points for sophisticated attacks when insecure development practices persist.
Content selected and edited with AI assistance. Original sources referenced above.


