The American security company Malwarebytes said today that he had been violated by the same group that violated the company SolarWinds last year.
Malwarebytes said its hack was not related to the SolarWinds incident, as the company did not uses no SolarWinds software on its internal network.
The security firm said attackers breached their internal systems by exploiting a weakness in Azure Active Directory and through vulnerable applications of Office 365.
Malwarebytes said it learned of the intrusion from the Microsoft Security Response Center (MSRC) on December 15.
At the time, Microsoft was testing the Office 365 and Azure infrastructure for malicious signs of malware. by SolarWinds hackers, also known in cyber security cycles as UNC2452 or Dark Halo.
Malwarebytes said that as soon as it learned of the breach, it launched an internal investigation to determine what hackers had access to.
"After extensive investigation, we decided that the attacker only had access to a limited subset of the company's internal emails," said Marcin Kleczynski, co-founder and current CEO of Malwarebytes.
Because the hackers themselves broke into SolarWinds and then moved to "poison" the company's software with Sunburst malware, Kleczynski said they also carried out a very thorough check of all the company's products and source code by searching the company. any signs of violation.
"Our internal systems showed no indication of unauthorized access to any environment and space production.
"Our software remains safe to use," Kleczynski added.
Following today's disclosure, Malwarebytes becomes the fourth security company to be breached by the UNC2452/Dark Halo group, which US officials have linked to a cyber espionageof Russia.
The other companies were FireEye, Microsoft and CrowdStrike.