US cyber-security firm Malwarebytes said today it was hacked by the same group which breached IT software company SolarWinds last year.
Malwarebytes said its intrusion is not related to the SolarWinds supply chain incident since the company doesn't use any SolarWinds software in its internal network.
Instead, the security firm said the hackers breached its internal systems by exploiting an Azure Active Directory weakness and abusing malicious Office 365 applications.
Malwarebytes said it learned of the intrusion from the Microsoft Security Response Center (MSRC) on December 15.
At the time, Microsoft was auditing its Office 365 and Azure infrastructures for signs of malicious apps created by the SolarWinds hackers, also known in cyber-security circles as UNC2452 or Dark Halo.
Malwarebytes said that once it learned of the breach, it began an internal investigation to determine what hackers accessed.
“After an intensive investigation, we determined the attacker only gained access to a limited subset of internal company emails,” said today Marcin Kleczynski, Malwarebytes co-founder and current CEO.
Malwarebytes products are not affected
Since the same threat actor breached SolarWinds and then moved to poison the company’s software by inserting the Sunburst malware into some updates for the SolarWinds Orion app, Kleczynski said they also performed a very thorough audit of all its products and their source code, searching for any signs of a similar compromise or past supply chain attack.
“Our internal systems showed no evidence of unauthorized access or compromise in any on-premises and production environments.
“Our software remains safe to use,” Kleczynski added.
After today’s disclosure, Malwarebytes becomes the fourth major security vendor targeted by the UNC2452/Dark Halo threat actor, which US officials have linked to a Russian government cyber-espionage operation.
Previously targeted companies include FireEye, Microsoft, and CrowdStrike.