19 February 2021

SolarWinds hackers downloaded some Azure, Intune, Exchange source code


SolarWinds hackers downloaded some Azure, Intune, Exchange source code

Microsoft has released a final report regarding its internal investigation into the SolarWinds breach, which was initiated after the company detected an unusual activity on its systems back in December.

The investigation revealed that the attackers got access to some repositories and downloaded source code for three company’s products, namely the cloud computing service Azure, the cloud-based management solution Intune and the mail and calendar server Exchange. In all cases the hackers only downloaded a small subset of files, Microsoft says, and search terms used by the threat actor indicate that they were interested in company’s secrets.

“Our development policy prohibits secrets in code and we run automated tools to verify compliance. Because of the detected activity, we immediately initiated a verification process for current and historical branches of the repositories. We have confirmed that the repositories complied and did not contain any live, production credentials,” Microsoft said.

The tech giant stressed that the attackers did not gain access to any of its products or services, as well as the vast majority of source code. Also, the company did not find any evidence that its systems were used to launch attacks against other victims. Microsoft also determined that no production services or customer data were compromised during the breach.

Back to the list

Latest Posts

Researchers discover connection between SunCrypt and QNAPCrypt ransomware

Researchers discover connection between SunCrypt and QNAPCrypt ransomware

SunCrypt may be an updated version of the QNAPCrypt ransomware.
4 March 2021
Cybersecurity firm Qualys appears to be the latest victim of Accellion FTA zero-day attacks

Cybersecurity firm Qualys appears to be the latest victim of Accellion FTA zero-day attacks

The cybercriminals behind the Clop ransomware operation have posted screenshots of files allegedly stolen from Qualys on their leak site.
4 March 2021
CISA orders federal agencies to ‘immediately’ patch Exchange flaws exploited by hackers

CISA orders federal agencies to ‘immediately’ patch Exchange flaws exploited by hackers

Several APT groups are exploiting "at least" the CVE-2021-26855 Microsoft Exchange Server vulnerability as part of ongoing attacks, ESET says.
4 March 2021