Second hacking team was targeting SolarWinds at time of big breach

By Christopher Bing (Reuters) - A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company's products earlier this year, according to a security research blog by Microsoft. 'The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor,' the blog said

Reuters December 20, 2020 00:11:41 IST
Second hacking team was targeting SolarWinds at time of big breach

Second hacking team was targeting SolarWinds at time of big breach

By Christopher Bing

(Reuters) - A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company's products earlier this year, according to a security research blog by Microsoft.

"The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor," the blog said.

Security experts told Reuters this second effort is known as "SUPERNOVA." It is a piece of malware that imitates SolarWinds' Orion product but it is not "digitally signed" like the other attack, suggesting this second group of hackers did not share access to the network management company's internal systems.

It is unclear whether SUPERNOVA has been deployed against any targets, such as customers of SolarWinds. The malware appears to have been created in late March, based on a review of the file's compile times.

The new finding shows how more than one sophisticated hacking group viewed SolarWinds, an Austin, Texas-based company that was not a household name until this month, as an important gateway to penetrate other targets.

In a statement, a SolarWinds spokesman did not address SUPERNOVA, but said the company "remains focused on collaborating with customers and experts to share information and work to better understand this issue."

"It remains early days of the investigation," the spokesman said.

(Reporting by Christopher Bing; Editing by Daniel Wallis)

This story has not been edited by Firstpost staff and is generated by auto-feed.

Updated Date:

TAGS:

Find latest and upcoming tech gadgets online on Tech2 Gadgets. Get technology news, gadgets reviews & ratings. Popular gadgets including laptop, tablet and mobile specifications, features, prices, comparison.

also read

Scotland's seafood exporters dealt new post-Brexit blow
World

Scotland's seafood exporters dealt new post-Brexit blow

By Kate Holton LONDON (Reuters) - The post-Brexit woes facing Scotland's fishing industry deepened on Saturday as its biggest logistics provider, DFDS Scotland, said it would halt exports to the European Union through one of its main services until at least Wednesday. Previously the company had said it would take until Monday to resume its "groupage" export service - which allows exporters to ship multiple products in a single consignment - while it tries to fix IT issues, paperwork errors and a backlog of goods. DFDS's move represents another blow for Scottish fishermen who this week warned that their businesses could become unviable after Britain shifted to a less integrated trade deal with the EU at the turn of the year

Pope Francis to have COVID-19 vaccine as early as next week
World

Pope Francis to have COVID-19 vaccine as early as next week

VATICAN CITY (Reuters) - Pope Francis said on Saturday he planned to be vaccinated against COVID-19 as early as next week and urged everyone to get a shot, to protect not only their own lives but those of others.

U.S. Senator urges mobile, social media providers to keep Capitol rioters' data as man seen seizing Speaker's lectern arrested
World

U.S. Senator urges mobile, social media providers to keep Capitol rioters' data as man seen seizing Speaker's lectern arrested

By Rich McKay (Reuters) - A man photographed carrying off the Speaker's lectern during the Capitol Hill riots was arrested late Friday, while a top Democratic lawmaker on Saturday called on mobile carriers to preserve social media content related to the riots. Dozens of people have been charged following the storming of the Capitol on Wednesday, with the FBI asking the public for help identifying participants, given the proliferation of images of the riots on the internet.