

SolarWinds hackers targeted Malwarebytes



U.S. cybersecurity firm Malwarebytes has revealed that it was hacked by the same group that hacked into IT software company SolarWinds.

The company says its intrusion has nothing to do with the SolarWinds incident because it does not use any SolarWinds software in its internal network. That software served as the point of access to the systems of all the companies and federal agencies that were hacked.

According to the cybersecurity firm, the group used an inactive email protection product within the company's Office 365 tenant to access its revenue systems.

The company first discovered spam after receiving a call from Microsoft's Security Response Center on December 15th about suspicious activity from a third-party application in its Office 365 environment.

This activity was consistent with the tactics, techniques, and procedures used by the perpetrators behind the SolarWinds attacks.

Malwarebytes confirmed to users of its anti-malware software that it conducted an extensive investigation and determined that the attackers had access only to a limited subset of the company's internal emails.

When it examined its source code and reverse-engineered its own software, it found no evidence of unauthorized access.

Malwarebytes asserts that it does not use Microsoft's Azure cloud services and that its software remains secure for use.

The SolarWinds hack began sometime in March after the attackers hacked into the company's Orion network management tools.

They used a security vulnerability in this product to infiltrate the systems of SolarWinds customers, including Microsoft, the Department of Justice, the U.S. Department of Energy, and the National Nuclear Security Administration.

Representatives from the FBI, the National Security Agency, and the Cybersecurity and Infrastructure Security Agency recently released a joint statement describing Russia as the most likely entity behind the hacks.

With this new revelation, Malwarebytes became the fourth major cybersecurity company to be targeted by UNC2452, or Dark Halo; the companies targeted earlier include Microsoft, FireEye, and CrowdStrike.