HomesecurityMicrosoft for SolarWinds: Hackers had access to the source code of three products

Microsoft for SolarWinds: Hackers had access to the source code of three products

Microsoft is looking into SolarWinds attacks after it discovered an unusual activity in its systems in December. The giant technology company yesterday completed its investigation and concluded that the hackers did not steal customer data. She also said she found no evidence that hackers had used her systems to attack their other victims - and there were many, including nine federal agencies and about 100 private sector companies. In fact, authorities estimate that up to 18.000 entities were affected, as this was the number of SolarWinds customers who received the malware.


Microsoft has previously admitted that the perpetrators stole part of its source code. According to its latest report, the threat agents downloaded the source code for three specific products: the Azure cloud computing service, the cloud management solution based on Intune and the mail and calendar server Exchange. In all three cases, Microsoft said the attackers only had access to small number of files, although they used search terms that indicate they focused on finding corporate secrets.

The massive hacking campaign started in October 2019, violating networks that used SolarWinds Orion network management tools. Microsoft analysis showed that invaders "Saw" its files for the first time at the end of November 2020. While they were cut off from the company's systems after Microsoft detected their intrusion, until January 2021 they were trying to regain access.

In addition to Microsoft, the attackers also hacked into their systems NVIDIA, Intel, Cisco and Belkin, as well as in government services, such as the US Department of Justice and the US Nuclear Safety Agency. In addition, the same attackers also tried to hack other companies - such as Malwarebytes - who do not use SolarWinds software. U.S. intelligence says the bomber struck shortly after noon in front of a U.S. military base Russia. Cybersecurity company Kaspersky recently revealed that the intruders used malware similar to that used by a hacking team operating on its behalf. Russian KGB.

Source of information:

Teo Ehc
Be the limited edition.