Microsoft says SolarWinds hackers have entered its source code

The hackers behind the massif SolarWinds Cyberattack, an allegedly Russian-backed operation that compromised the networks of many U.S. agencies and Fortune 500 companies, also broke into Microsoft’s internal systems and gained access to one of the company’s most closely-kept secrets: its source code.

“We detected unusual activity with a small number of internal accounts and upon examination, we found that one account had been used to view source code in a number of source code repositories,” the team said. Microsoft Security Response Center in a blog post Thursday.

Microsoft had previously confirmed that it, like dozens of other cyberattack victims, unknowingly downloads malicious code hidden in SolarWinds’ popular network management tool, Orion Platform. But Thursday’s disclosure is her first admission that hackers have accessed the company’s internal systems.

It’s unclear exactly which parts of Microsoft’s source code repositories the hackers managed to get their hands on. Three people informed on the subject told Reuters that Microsoft has known for days that its source code has been breached. When contacted for comment on the matter, a Microsoft spokesperson told the point of sale that its security team is working “around the clock” and that “when there is actionable information to share, they published and shared them ”.

The company said Thursday that the compromised account could only see Microsoft’s source code because it did not have the necessary permissions to tamper with it. Although its internal investigation is still ongoing, Microsoft said it has so far found “no evidence of access to production services or customer data” and “no indication that our systems have been used to attack other people”.

While hackers may not have been able to modify Microsoft’s source code, just taking a look at the company’s secret sauce could have dire consequences. Bad actors could use this kind of information about the inner workings of Microsoft’s services to help them bypass its security measures in future attacks. Hackers basically drew up plans on how to potentially hack Microsoft products.

Experts believe that Russian state sponsored group known as the SolarWinds infiltrator ATP 29 as early as 2019, but the attack went under the radar until earlier this month. The team of highly sophisticated hackers allegedly used malware hidden in the Texas-based software company’s product, which could covertly collect user data such as internal correspondence, keystrokes, and credentials.

According to SolarWinds, more than half of its 33,000 Orion customers may have been infected. Its client base includes Homeland Security, State and Treasury departments among dozens of other federal agencies as well as three-quarters of the companies on the Fortune 500 list. Federal investigations are still ongoing and within reach of. the attack is still uncovered, as illustrated by Microsoft’s latest disclosure.