The revelation comes from a source who has now decided to go on the record about claims made in a Bloomberg article last week that Chinese spies managed to access servers owned by dozens of top U.S. tech companies by tampering with hardware.
Bloombergâs sourceâsecurity expert Yossi Appleboum, who withheld the name of the telecom firm to avoid violating a non-disclosure agreementâsays the implant was built into a serverâs Ethernet port, giving Chinese hackers access to the companyâs networks.
Appleboum, who was the first to identify the tampering, reportedly providedÂ documents and other evidence to corroborate his claims that the Chinese government hired contractors to install malicious chips in Supermicro motherboards from 2013 to 2015.
Bloombergâs original article on Chinese tampering was heavily criticized for relying on anonymous sourcing. Amazon and Cupertinoâs Apple responded to the investigation with detailed takedowns of the reporting, which shook the publicâs faith in the initial story.
Supermicro, whose shares plummeted by 41 percent Oct. 4 after the initial revelations of tampered chips and by 27 percent after the latest report this week, emphatically denies allegations that it sold compromised hardware.
âWe still have no knowledge of any unauthorized components and have not been informed by any customer that such components have been found,â the company toldÂ Bloomberg. âWe are dismayed that Bloomberg would give us only limited information, no documentation and half a day to respond to these new allegations.â
On Monday, Apple execs sent a letter to the House and Senate commerce committees urging lawmakers to pressure Supermicro to brief them about the alleged breach.
Appleboum told Bloomberg that Supermicro isnât the only victim of Chinese tampering. âSupermicro is a victim,â he told the publication. âSo is everyone else.â