Get Permission
Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company s Microsoft Visual Studio development tools to add a backdoor into software builds.
The backdoor, dubbed Sunburst, was added to the company s Orion network monitoring software beginning in March 2020. Up to 18,000 customers installed and ran the Trojanized software. Attackers then used the backdoor to target a subset of customers, perhaps numbering in the hundreds, for second-stage attacks, which could have led to data exfiltration, eavesdropping - including email inbox access - and follow-on attacks against business partners.
SolarWinds CEO Sudhakar Ramakrishna
On Monday, Austin, Texas-based SolarWinds released an update on its attack investigation, reporting that investigators have successfully reverse-engineered code that attackers injected into its software development tools.