Skip to Content

Comm100 Live Chat Supply Chain Attack

Updated on 2022-10-04

Cyber adversaries hijacked the installer for commercial chat provider Comm100 to propagate a trojan malware via its Windows Desktop agent software. Read more: Report: Commercial chat provider hijacked to spread malware in supply chain attack

Updated on 2022-10-03: Comm100 supply chain attack

CrowdStrike said on Friday that it detected that a suspected Chinese threat actor compromised the infrastructure of Comm100, a Canadian company that provides customer support chat applications, and has modified one of its installers to deliver malware to its customers’ networks. The security vendor said the compromise was short-lived and only lasted from September 27 through September 29, when its security team detected malware being delivered through the platform.

The trojanized file was identified at organizations in the industrial, healthcare, technology, manufacturing, insurance and telecommunications sectors in North America and Europe.

Read more:

Overview: Comm100 Live Chat Supply Chain Attack

The CrowdStrike Falcon Platform has identified a supply chain attack targeting the Comm100 Live Chat app. Attackers Trojanized an installer for the Comm100 Live Chat app; the malicious version of the installer appears to have been available between September 26 and 29. Comm100 has since released an updated installer (version 10.0.9).


  • If you’re using the Comm 100 live chat app make sure that you’re using the updated installer. Make sure that your EDR platform can detect malicious installers.


    Ads Blocker Image Powered by Code Help Pro

    It looks like you are using an adblocker.

    Ads keep our content free. Please consider supporting us by allowing ads on