JetBrains' build automation software eyed as possible enabler of SolarWinds hack

2021-01-07 05:53

The SolarWinds security breach disclosed last month, which US authorities believe was of Russian origin and led to the compromise of at least 18,000 organizations, may have been enabled in part by software from JetBrains.

One of these, build management and continuous integration system TeamCity, is used by SolarWinds as part of its application build process.

The New York Times on Wednesday reported that unidentified sources familiar with the SolarWinds investigation say investigators are looking into whether JetBrains' software was involved.

Separately, Reuters said the FBI is scrutinizing TeamCity to see whether the software played a role in the compromise of the SolarWinds build system.

"There are some implications that a development tool JetBrain makes was used to breach Solarwinds, but JetBrains stated that if the tool was involved, it was likely a misconfiguration of the tool and not a problem with JetBrains being compromised. JetBrains makes very popular development tools. A breach of JetBrains would be yet another huge supply chain type attack."

SolarWinds last month acknowledged that the security breach involved two separate attacks: Supernova, which involved a malicious library targeting the SolarWind Orion Platform build system and a vulnerability that allows the malware to be deployed; and Sunburst, a supply chain attack that involved the insertion of a vulnerability into builds of SolarWinds' Orion Platform software.

News URL

https://go.theregister.com/feed/www.theregister.com/2021/01/07/jetbrains_solarwinds_accusation/

#automation #hack #solarwinds

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Solarwinds		56	33	104	77	36	250