Get Permission
The CEO of security firm Malwarebytes says the hackers who attacked SolarWinds also targeted his company and gained access to a limited subset of internal company emails. While Malwarebytes does not use SolarWinds [hacked software], we, like many other companies, were recently targeted by the same threat actor,” Malwarebytes CEO Marcin Kleczynski notes in a blog. The hackers appear to have exploited a dormant email protection tool within the company s Office 365 system to gain access to a subset of the firm s emails, he says.
Malwarebytes was notified about the intrusion on Dec. 15, 2020, by the Microsoft Security Response Center. This was about the same time Microsoft notified security firm CrowdStrike of similar suspicious activity. The attempted intrusion against Crowdstrike was ultimately unsuccessful (see:
Kevin Thompson, president and CEO of SolarWinds, in a video message to customers about the attack
Security software vendor SolarWinds has updated multiple versions of its Orion network monitoring platform to remove the Sunburst backdoor that was added to its code as part of a massive supply chain attack. The updates also block Supernova malware that attackers installed by exploiting a flaw in Orion. But incident response experts have warned that full cleanup may take years. SolarWinds asks all Orion platform customers to update their Orion platform software as soon as possible to help ensure the security of your environment, the company said in a recently issued security advisory.