Another hacking group is suspected of attacking SolarWinds on a large scale


There could be another group of hackers at work in the wake of the devastating SolarWinds attack.

The second hacking attempt was described by Microsoft in a blog post.

In the earlier attack, Russian actors hacked software updates for the popular network monitoring tool SolarWinds Orion, in what has been described as a “supply chain” hack. As a result, several government agencies were breached. According to the Wall Street Journal, many Big Tech companies have also installed SolarWinds software, including Cisco, Intel and VMware.

“In an interesting twist of events, an investigation into the entire SolarWinds compromise led to the discovery of an additional malware,” the Microsoft post said.

The company said the attack could affect as many as 18,000 SolarWinds customers.

Although the second attack went after SolarWinds’ Orion product, Microsoft determined it was “unrelated to this compromise and used by another threat actor,” believed to be another cybercrime organization.

In the blog post, Microsoft describes the additional malware found as “a small persistence backdoor in the form of a DLL file,” referring to a dynamic link library. Files with the “.DLL” extension are commonly found in Windows.

Unlike the original attack, “this malicious DLL does not have a digital signature, indicating that this is not related to the first attack”, Microsoft explained.

Redmond, Wash.-based Microsoft has not identified the malware by name, but an analysis by security researchers at Palo Alto Networks identifies it as “Supernova.”

There has been some confusion because security researchers thought Supernova was probably tied to the first attack, according to ZDNet. However, the news outlet reported that this was not the case, citing follow-up analysis by Microsoft’s security teams. The upshot is that companies that have SolarWinds installations with Supernova need to handle it as a separate attack.

Experts believe more remains to be revealed about these attacks and how widespread they were.

“Still not much is known, including how the supply chain was hacked, how vectors other than SolarWinds were used, how many victims were affected, what the objectives of the adversary were and what information they were able to obtain, including what they contained. It will do so with information and more,” said Suzanne Spaulding, a consultant at Nozomi Networks and former DHS undersecretary of cyber and infrastructure, in a statement sent to Fox News. “Eliminating this threat will be a battle. This is not an enemy that, once discovered, escapes. They will fight to maintain a consistent presence, returning once booted out.”

Fox News has contacted SolarWinds for comment.
