- SolarWinds hackers attacked cyber security firm Malwarebytes, reports ZDNet.
- The company’s software remains “safe to use”, the CEO said.
- Malware bytes add to a growing list of businesses attacked by SolarWinds hackers.
- Visit Business Insider’s homepage for more stories.
The same group that breached IT software company SolarWinds last year hacked the cyber-security firm Malwarebytes and added it to the growing list of major security companies targeted by the group.
In an email, a Malwarebytes spokesman said based on the techniques of the attack, the company believed it was “the same threat actor” that attacked SolarWinds. According to Malwarebytes, hackers used a vulnerability in the Azure Active Directory and malicious Office 365 applications to compromise the enterprise’s internal systems, according to the story ZDNet first reported. The company said that the situation is not related to the violation of SolarWinds, as Malwarebytes does not use any of their systems.
The SolarWinds cap last year was an “attack chain attack” that led to violations by U.S. government agencies and other businesses. SolarWinds, FireEye, Microsoft, CrowdStrike and now Malwarebytes are all targeted by UNC2452 / Dark Halo, a group of US agencies said the Russian government is behind. FireEye told Insider on Tuesday that its researchers were seeing new attacks from the SolarWinds attacks, including the hacking of Microsoft 365 companies’ emails.
Read more: Top federal cyber security experts explain why the SolarWinds cyber attack is such a big deal – and why it’s too early to declare cyber war
Malwarebytes learned of the breach on December 15 from the Microsoft Security Response Center and has been investigating the case ever since, ZDNet reported. Marcin Kleczynski, the company’s CEO, told ZDNet that the hacker only gained access to a limited subset of the company’s internal email, adding that the “software is safe to use.”
In an email to Insider, a Malwarebytes spokesperson said: “While we were fortunate to experience a limited impact on our business, this scenario underscores the need for the industry to continue to work together in efforts to to prevent increasingly complex attacks by the nation state. “