Explanation on the hacking of Driver Life update module
After several days of sleepless investigation, with the help of Shenzhen Net Security Detection, Tencent, 360, Kingsoft and other companies, we have basically sorted out the chain of events of this incident and published the events we have so far as follows.
At this point, the incident has come to a head. The hackers were lurking in this incident for a span of more than a month, with a high level of purpose and skill, and a certain level of understanding of the company's internal systems, fully indicating that this was a well planned targeted raid against our company by hackers. Due to our inadequate security management and low security awareness among our staff, this has resulted in infecting the computers of some users of earlier versions.
We decided to put a lot of effort into fixing server and intranet security and putting security in place. All company servers and all computer equipment on the intranet are thoroughly inventoried and organized, one cleaned and one restored, to ensure that no hacker is left to take advantage of the situation.
The Eternal Blue vulnerability can currently be effectively prevented and checked by the leading domestic antivirus software. In this incident, tens of thousands of users were hit by the Trojan horse as a direct result of our old upgrade component vulnerability, and we offer our sincerest apologies to those who suffered losses!
Ltd. and Tencent Enterprise Security Emergency Response Team for their overnight assistance in the investigation, helping us to identify the intrusion path in time and providing us with a number of security suggestions. Thereafter, the company will put safety first, restore normal software services as soon as possible, and provide safe and effective driver installation and update services to all users.
The road is rocky, the road is strong!
Shenzhen Drive Life Technology Co.
December 19, 2018