Damn, NXP. Get your shit together. I like their ARM chips but I guess their infosec practices are lagging pretty badly.

This is the best summary I could come up with:

A prolific espionage hacking group with ties to China spent over two years looting the corporate network of NXP, the Netherlands-based chipmaker whose silicon powers security-sensitive components found in smartphones, smartcards, and electric vehicles, a news outlet has reported.

The intrusion, by a group tracked under names including “Chimera” and “G0114,” lasted from late 2017 to the beginning of 2020, according to Netherlands-based news outlet NCR, which cited “several sources” familiar with the incident.

“Once nested on a first computer—patient zero—the spies gradually expand their access rights, erase their tracks in between and secretly sneak to the protected parts of the network,” NCR reporters wrote in an English translation.

According to the log files that Fox-IT finds, the hackers come every few weeks to see whether interesting new data can be found at NXP and whether more user accounts and parts of the network can be hacked.”

We are taking steps to identify the malicious activity and are implementing remedial measures to increase the security of our systems and networks to respond to evolving threats and new information.

NXP also provides chips for the MIFARE card used by transit companies, FIDO-compliant security keys, and tools for relaying data inside the networks of electric vehicles.

The original article contains 986 words, the summary contains 203 words. Saved 79%. I’m a bot and I’m open source!