Cyber ​​Security Firm Malwarebytes Breached By SolarWinds Hackers

by



[ad_1]

  • SolarWinds hackers have attacked cybersecurity firm Malwarebytes, ZDNet reported.
  • The company’s software remains “safe to use,” the CEO said.
  • Malwarebytes joins a growing list of companies attacked by SolarWinds hackers.
  • Visit the Business Insider homepage for more stories.

The same group that raped computer software company SolarWinds last year hacked cybersecurity firm Malwarebytes, adding to the growing list of top security companies targeted by the group.

In an emailed statement, a spokesperson for Malwarebytes said that based on the techniques of the attack, the company believes it was “the same threat actor” who attacked SolarWinds. According to Malwarebytes, hackers used a weakness in Azure Active Directory and malicious Office 365 applications to breach internal company systems, according to the story first reported by ZDNet. The company said the situation was unrelated to the SolarWinds breach because Malwarebytes does not use any of their systems.

The SolarWinds hack last year was a “supply chain attack” that led to breaches at US government agencies and other businesses. SolarWinds, FireEye, Microsoft, CrowdStrike and now Malwarebytes have all been targeted by UNC2452 / Dark Halo, a group of US agencies said the Russian government was behind. FireEye told Insider on Tuesday that its researchers were seeing new forays into SolarWinds attacks, including hacking into Microsoft 365 corporate emails.

Read more: Top Federal Cyber ​​Security Experts Explain Why SolarWinds Cyber ​​Attack Is So Serious – And Why It’s Too Early to Declare Cyber ​​War

Malwarebytes learned of the breach on December 15 from the Microsoft Security Response Center and has since investigated the case, ZDNet reported. Company CEO Marcin Kleczynski told ZDNet that the hacker only had access to a limited subset of the company’s internal emails and added that “the software remains safe to use.”

In an emailed statement to Insider, a spokesperson for Malwarebytes said, “While we were fortunate enough to experience limited impact on our business, this scenario underscores the need for industry to continue to collaborate. to efforts to prevent attacks from increasingly complex nation states. “

[ad_2]

Source link