Microsoft says Chinese hackers used exploitation of SolarWinds to carry out the attack



SolarWinds the vulnerabilities remain targeted by foreign hackers months after a U.S. information technology company suffered a widespread cyber attack. On Tuesday, Microsoft said a group operating outside China used zero-day remote code execution to attack SolarWinds software. If used successfully, a lack of IT companies’ Serv-U software allows hackers to perform actions such as installing and running malicious software or viewing and modifying data, Microsoft noted blog post.

As part of its investigation, Microsoft said it noticed a hacker group targeting organizations in the U.S. military research and development sector and the software sector. The company marked the actor as DEV-0322 in relation to his status as an unidentified “development group”. Microsoft explained that it uses the tag before it achieves much confidence in the origin or identity of the hacker. The group, which operates from China, is using commercial VPN solutions and vulnerable consumer routers to carry out its attacks, Microsoft said. Those affected were notified and assisted in responding, the company said.

SolarWinds confirmed over the weekend that Microsoft notified him of a security vulnerability in its Serv-U software. The disadvantage is related to the managed file transfer of the product and the secured FTP, which has since been fixed.

SolarWinds gained a reputation overnight in December after it became a topic a a cyber attack on the supply chain it affected 18,000 of its customers, including nine U.S. government agencies. The U.S. intelligence service issued a joint statement in January with the appointment Russia as the most likely source of hacking. Next month, Reuters reported that suspected Chinese hackers took advantage of a separate flaw in SolarWinds software last year to help breach U.S. government computers. The latest vulnerability is not related to the so-called attack on the supply chain Sunburst, SolarWinds said.

All products recommended by Engadget are selected by our editorial team, regardless of our parent company. Some of our stories include associated links. If you buy something through one of these links, we may earn an associated commission.


Source link


Please enter your comment!
Please enter your name here