Suspected Russian hackers targeted cyber firm Malwarebytes


Suspected Russian hackers targeted the cybersecurity company Malwarebytes Inc in the course of a sprawling cyberattack that targeted US government agencies and companies.

The attacker abused “applications with privileged access to Microsoft Office 365 and Azure environments”, according to a Tuesday blog post by chief executive officer Marcin Kleczynski. He said the attack was part of the same hacking campaign that has utilised infected software from SolarWinds Corp to target other organisations.

“After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorised access or compromise in any of our internal on-premises and production environments,” Kleczynski wrote.

On Dec 15, Microsoft alerted Malwarebytes about “suspicious activity from a third-party application” that was consistent with the behaviors of the SolarWinds attackers.

This incident is the latest example of the attackers targeting security companies in the course of the hacking campaign. They stole tools from the firm FireEye Inc and attempted to breach Crowdstrike Inc through tactics similar to those they used against Malwarebytes.

“These attackers were clearly sophisticated and primarily targeted federal agencies and security companies, as far as I’m aware,” Kleczynski said in an email to Bloomberg News.

FireEye’s investigation into its own breach last month revealed that the hackers had installed malicious code into SolarWinds’s Orion software, which is used by government agencies and Fortune 500 companies. The malicious code, which customers received by updating the software, provided a launching pad of sorts for further attacks by the hackers into computer networks.

According to SolarWinds, as many as 18,000 of its customers may have received infected updates, though the hackers are believed to have conducted further intrusions in far fewer of them. Malwarebytes isn’t a SolarWinds customer. – Bloomberg
