Autodesk, a software company that makes CAD software for manufacturing, has confirmed it was targeted as part of the SolarWinds supply-chain attack last year.
In a SEC filing Autodesk said that it identified a compromised server and immediately took steps to contain and remediate the incidents.
"While we believe that no customer operations or Autodesk products were disrupted as a result of this attack, other, similar attacks could have a significant negative impact on our systems and operations," the company said.
An Autodesk spokesperson told BleepingComputer that the compromised SolarWinds server was discovered on December 13, 2020. Attackers planted a backdoor called Sunburst on the server, but besides this implant no other malware was discovered on the compromised server.
"Autodesk’s Security team has concluded their investigation and observed no malicious activity beyond the initial software installation," the Autodesk representative said.