The nation-state group that attacked SolarWinds in December got inside Malwarebytes by exploiting privileged access to its Office 365 tenant, the firm reveals. Malwarebytes said the hack gave the spies.
At the time, Microsoft was auditing its Office 365 and Azure infrastructures for signs of malicious apps created by the SolarWinds hackers, also known in cyber security circles as UNC2452 or Dark.
Nevertheless, the security firm embarked on a full investigation to. A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers' ingenious lateral movement techniques and the. Malwarebytes confirms SolarWinds-related attack through Microsoft 365 and Azure. Luke Jones, January 20, 2021, 3:15 pm CET.
As the hackers behind SolarWinds trojanized a software update to infiltrate dozens of its clients, Malwarebytes found it necessary to investigate its software source code to rule out the. Fortunately, Malwarebytes never hooked up Microsoft's Azure cloud service with Malwarebytes antivirus production environments. While Malwarebytes does not use SolarWinds, we, like many other companies, were recently targeted by the same threat actor.
We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. Malwarebytes, whose products include widely used anti-malware tools for consumers and businesses, said that it does not use SolarWinds but believes that the same attacker used another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. In a statement, the Santa Clara, California-based company said that while it did not use software made by SolarWinds, the company at the center of the breach, it had been successfully targeted by the same hackers, who were able to sneak into its Microsoft Office 365 and Microsoft Azure environments.
Malwarebytes software is safe to use. Malwarebytes discovered that the threat actor that coordinated the SolarWinds hack used applications with privileged access to infiltrate the company's Microsoft. A flaw in Azure Active Directory.
Malwarebytes Targeted by Nation State Actor Implicated in SolarWinds Breach. Evidence Suggests Abuse of Privileged Access to Microsoft Office 365 and Azure Environments | Malwarebytes Labs