19 February 2021

SolarWinds hackers downloaded some Azure, Intune, Exchange source code


SolarWinds hackers downloaded some Azure, Intune, Exchange source code

Microsoft has released a final report regarding its internal investigation into the SolarWinds breach, which was initiated after the company detected an unusual activity on its systems back in December.

The investigation revealed that the attackers got access to some repositories and downloaded source code for three company’s products, namely the cloud computing service Azure, the cloud-based management solution Intune and the mail and calendar server Exchange. In all cases the hackers only downloaded a small subset of files, Microsoft says, and search terms used by the threat actor indicate that they were interested in company’s secrets.

“Our development policy prohibits secrets in code and we run automated tools to verify compliance. Because of the detected activity, we immediately initiated a verification process for current and historical branches of the repositories. We have confirmed that the repositories complied and did not contain any live, production credentials,” Microsoft said.

The tech giant stressed that the attackers did not gain access to any of its products or services, as well as the vast majority of source code. Also, the company did not find any evidence that its systems were used to launch attacks against other victims. Microsoft also determined that no production services or customer data were compromised during the breach.

Back to the list

Latest Posts

Vulnerability in Trend Micro antivirus products exploited in the wild

Vulnerability in Trend Micro antivirus products exploited in the wild

The flaw affects Trend Micro Apex One, Apex One SaaS, and OfficeScan Corporate Edition.
22 April 2021
University of Minnesota banned from Linux development for submitting buggy patches

University of Minnesota banned from Linux development for submitting buggy patches

Two graduate students at the University of Minnesota deliberately introduced known security bugs in the Linux kernel in the name of research.
22 April 2021
Qlocker ransomware campaign targets QNAP devices across the globe

Qlocker ransomware campaign targets QNAP devices across the globe

The campaign uses 7-zip to move files on QNAP devices into password-protected archives.
22 April 2021