Malwarebytes hacked by SolarWinds hackers

The American company s Malwarebytes said today that he had been violated by the same group that violated the company SolarWinds last year.

Malwarebytes reported that the is not related to the SolarWinds incident, as the company does not use any SolarWinds software on its internal network.

The security company said the attackers compromised their internal systems by exploiting a vulnerability in the Azure Active Directory and through vulnerable Office 365 applications.

Malwarebytes said they learned about the hack from Microsoft Security Response (MSRC) on December 15th.

At the time, Microsoft was testing the Office 365 and Azure infrastructure for malicious signs of malware. by SolarWinds hackers, also known in cyber security cycles as UNC2452 or Dark Halo.

Malwarebytes said that upon learning of the breach, it launched an internal investigation to determine what the hackers had access to.

"After extensive investigation, we decided that the attacker only had access to a limited subset of the company's internal emails," said Marcin Kleczynski, co-founder and current CEO of Malwarebytes.

Because the hackers themselves broke into SolarWinds and then moved to "poison" the company's software with Sunburst malware, Kleczynski said they also carried out a very thorough check of all the company's products and source code by searching the company. any signs of violation.

"Our internal systems showed no indication of unauthorized access to any environment and production site.

“Our software remains in use," added Kleczynski.

Following today's revelation, Malwarebytes becomes the fourth security company breached by the UNC2452 / Dark Halo team, which US officials have linked to a Russian government spy operation.

The other companies were FireEye, Microsoft and CrowdStrike.

iGuRu.gr The Best Technology Site in Greeceggns

Get the best viral stories straight into your inbox!















Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).