Security News > 2021 > January > JetBrains' build automation software eyed as possible enabler of SolarWinds hack

JetBrains' build automation software eyed as possible enabler of SolarWinds hack
2021-01-07 05:53

The SolarWinds security breach disclosed last month, which US authorities believe was of Russian origin and led to the compromise of at least 18,000 organizations, may have been enabled in part by software from JetBrains.

One of these, build management and continuous integration system TeamCity, is used by SolarWinds as part of its application build process.

The New York Times on Wednesday reported that unidentified sources familiar with the SolarWinds investigation say investigators are looking into whether JetBrains' software was involved.

Separately, Reuters said the FBI is scrutinizing TeamCity to see whether the software played a role in the compromise of the SolarWinds build system.

"There are some implications that a development tool JetBrain makes was used to breach Solarwinds, but JetBrains stated that if the tool was involved, it was likely a misconfiguration of the tool and not a problem with JetBrains being compromised. JetBrains makes very popular development tools. A breach of JetBrains would be yet another huge supply chain type attack."

SolarWinds last month acknowledged that the security breach involved two separate attacks: Supernova, which involved a malicious library targeting the SolarWind Orion Platform build system and a vulnerability that allows the malware to be deployed; and Sunburst, a supply chain attack that involved the insertion of a vulnerability into builds of SolarWinds' Orion Platform software.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/01/07/jetbrains_solarwinds_accusation/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 56 33 101 81 51 266