SolarWinds hackers have targeted Malwarebytes |
American cybersecurity company Malwarebytes announced that it has been attacked by the same organization as computer software manufacturer SolarWinds.
The company said its break-in had nothing to do with the SolarWinds incident because it did not use SolarWinds software on its intranet, which is a gateway for hackers to gain access to any hacked company and federal agency. .
According to the cybersecurity company, the company used passive email protection products on Office 365 tenants to access its internal systems.
The company first discovered this type of monitoring after receiving a call on December 15 from the Microsoft Security Response Center about suspicious activity by third-party apps in its Office 365 environment.
The campaign was consistent with the tactics, techniques, and procedures used by the participants behind the SolarWinds attack.
MalwareBytes assures users of the anti-malware program that it has conducted extensive research and found that attackers can only access a limited subset of the company's internal email.
After reviewing the source code and redesigning the program, it found no evidence of unauthorized access.
Malwarebytes insists that Microsoft's Azure cloud service is not being used and that the software can still be used safely.
After attackers hacked the company's Orion network admin tool, the SolarWinds hack began in March.
They used product vulnerabilities to infiltrate SolarWinds customer systems, including Microsoft, the Department of Justice, the US Department of Energy and the National Administration of Nuclear Security.
Representatives from the FBI, the National Security Agency, the Cybersecurity Agency, and the Infrastructure Security Agency recently issued a joint statement declaring Russia the company most likely to commit violations.
After this new revelation, Malwarebytes became the fourth network security company in UNC2452 or Dark Halo Group, with earlier targets being Microsoft, FireEye and CrowdStrike.