Get Permission
Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into software builds.
The backdoor, dubbed "Sunburst," was added to the company's Orion network monitoring software beginning in March 2020. Up to 18,000 customers installed and ran the Trojanized software. Attackers then used the backdoor to target a subset of customers, perhaps numbering in the hundreds, for second-stage attacks, which could have led to data exfiltration, eavesdropping - including email inbox access - and follow-on attacks against business partners.
SolarWinds CEO Sudhakar Ramakrishna
On Monday, Austin, Texas-based SolarWinds released an update on its attack investigation, reporting that investigators have successfully reverse-engineered code that attackers injected into its software development tools.