AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |
Back to Blog
![]() NET class prior to backdoor code addition Sneaky Injection of Malicious CodeĪlthough the first version containing the tainted Orion software was traced to 20.9083, ReversingLabs has found that an earlier version 20.8890, released in October 2019, also included seemingly harmless modifications that acted as the stepping stone for delivering the real attack payload down the line.Įmpty. Cybersecurity firm FireEye earlier this week detailed how multiple SolarWinds Orion software updates, released between March and June 2020, were injected with backdoor code (".dll" or SUNBURST) to conduct surveillance and execute arbitrary commands on target systems.įireEye has not so far publicly attributed the attack to any specific nation-state actor, but multiple media reports have pinned the intrusion campaign on APT29 (aka Cozy Bear), a hacker group associated with Russia's foreign intelligence service.
0 Comments
Read More
Leave a Reply. |