Security firm Malwarebytes was infected by same hackers who hit SolarWinds
Security firm Malwarebytes said it was breached by the same nation-state-sponsored hackers who compromised a dozen or more US government agencies and private companies.
The attackers are best known for first hacking into Austin, Texas-based SolarWinds, compromising its software-distribution system and using it to infect the networks of customers who used SolarWinds’ network management software. In an online notice, however, Malwarebytes said the attackers used a different vector.
“While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor,” the notice stated. “We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments.” Investigators have determined that the attacker gained access to a limited subset of internal company emails. So far, the investigators have found no evidence of unauthorized access or compromise in any Malwarebytes production environments.