More SolarWinds Attack Details Emerge A third piece of malware is uncovered, but there are still plenty of unknowns about the epic attacks purportedly out of Russia. As yet another piece of malware has been uncovered in the attack on SolarWinds network management system software, there still remain several missing elements needed to draw a complete picture of the massive cyberattacks against major US government agencies and corporations, including security vendor and incident response expert FireEye. SolarWinds and CrowdStrike this week detailed a third malware tool — dubbed Sunspot — that was found in the attack on the software vendor. Sunspot is a custom program that inserted the so-called Sunburst backdoor into the software build environment of SolarWinds' Orion network management product. CrowdStrike, which analyzed Sunspot on behalf of SolarWinds, says the tool was carefully planted somehow by the attackers and kept hidden from SolarWinds developers with sophisticated tracking and camouflaging so it couldn't be detected.