Security News > 2021 > January > JetBrains denies involvement in the SolarWinds supply-chain hack

JetBrains denies involvement in the SolarWinds supply-chain hack
2021-01-07 09:20

JetBrains' CEO, Maxim Shafirov, denied reports from multiple news outlets that the company played a role in the SolarWinds supply chain attack.

TeamCity, a continuous integration and deployment system used for unit testing and code quality analysis, is the JetBrains product that officials are reportedly looking into as a potential attack vector used by the SolarWinds hackers.

The reports present multiple potential investigation avenues including the possibility that the TeamCity software was backdoored by the threat actors to infiltrate JetBrains customers' systems and that a SolarWinds TeamCity server was compromised by exploiting high severity or critical vulnerabilities.

JetBrains' CEO issued an official statement after the media reports were published denying that the company was involved in any way in the SolarWinds hack.

A JetBrains spokesman also told Reuters that the company is not aware of a JetBrains breach that could have led to a hack or of any customers being impacted after exploitation of a TeamCity vulnerability.

None of the articles published so far, including those referencing investigations by the FBI, as well as quotes from SolarWinds themselves, show any evidence that TeamCity has any vulnerability or backdoor that would have allowed unauthorized access to the build process.


News URL

https://www.bleepingcomputer.com/news/security/jetbrains-denies-involvement-in-the-solarwinds-supply-chain-hack/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Jetbrains 32 16 236 121 46 419
Solarwinds 44 0 80 95 40 215