Microsoft has confirmed the violation of its systems by hackers invading SolarWinds, but denies infecting its customers.
Microsoft confirmed that it had been hacked by recent hacker attacks on SolarWinds, but denied that its software had been compromised enough to infect customers.
Last weekend it was discovered that Russian state hackers violated SolarWinds and used the auto-update mechanism to distribute a backdoor to their customers.
This malware is a backdoor, called Solarigate (Microsoft) or Sunburst (FireEye) and has reached approximately 18.000 SolarWinds customers, including the US Treasury Department, the US NTIA, the US Nuclear Weapons Administration and the US Department of Homeland Security.
Last night, Reuters published a report who said sources told him that Microsoft not only risked being attacked in SolarWinds, but that hackers had also modified Microsoft software to distribute malicious files to its customers.
In a tweet from Frank Shaw, Microsoft's vice president of communications, Microsoft denies the report's findings, based on current findings. Shaw confirmed that Microsoft had detected malicious SolarWinds binaries in their environment, but their systems were not used to endanger customers.
Apparently the story with SolarWinds is not simple, and it is predicted to turn into a big scandal. Let's wait for the developments.