19 February 2021

SolarWinds hackers downloaded some Azure, Intune, Exchange source code


SolarWinds hackers downloaded some Azure, Intune, Exchange source code

Microsoft has released a final report regarding its internal investigation into the SolarWinds breach, which was initiated after the company detected an unusual activity on its systems back in December.

The investigation revealed that the attackers got access to some repositories and downloaded source code for three company’s products, namely the cloud computing service Azure, the cloud-based management solution Intune and the mail and calendar server Exchange. In all cases the hackers only downloaded a small subset of files, Microsoft says, and search terms used by the threat actor indicate that they were interested in company’s secrets.

“Our development policy prohibits secrets in code and we run automated tools to verify compliance. Because of the detected activity, we immediately initiated a verification process for current and historical branches of the repositories. We have confirmed that the repositories complied and did not contain any live, production credentials,” Microsoft said.

The tech giant stressed that the attackers did not gain access to any of its products or services, as well as the vast majority of source code. Also, the company did not find any evidence that its systems were used to launch attacks against other victims. Microsoft also determined that no production services or customer data were compromised during the breach.

Back to the list

Latest Posts

Vulnerability summary for the week: March 5, 2021

Vulnerability summary for the week: March 5, 2021

A weekly vulnerability digest.
5 March 2021
Microsoft shares details on three new malware strains used in SolarWinds hack

Microsoft shares details on three new malware strains used in SolarWinds hack

GoldMax, Sibot and GoldFinder were used by attackers to achieve persistence on the infected machines and perform actions post-compromise.
5 March 2021
Four notorious cybercrime forums hacked

Four notorious cybercrime forums hacked

The list of hacked crime forums includes Maza, Verified, Crdclub and Exploit.
5 March 2021