Malwarebytes Hit by SolarWinds Attackers

2021-01-20 17:36

Malwarebytes is the latest discovered victim of the SolarWinds hackers, the security company said - except that it wasn't targeted through the SolarWinds platform.

"While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor," it disclosed in a Tuesday web posting.

While the tactics, techniques and procedures turned out to be consistent with those used by the SolarWinds APT, in this case the espionage effort only affected a "Limited subset of internal company emails," the firm noted.

A Malwarebytes spokesperson noted only, "This was a nation-state attack against many vectors, including multiple security vendors." The company declined to provide additional information on the TTPs linking this attack to the SolarWinds attackers.

"Why are the SolarWinds hackers going after security companies? When you piece together the puzzle it becomes scary," Luttwak said.

The SolarWinds espionage attack, which has affected several U.S. government agencies, tech companies like Microsoft and FireEye, and many others, began with a poisoned software update that delivered the Sunburst backdoor to around 18,000 organizations last spring.

News URL

https://threatpost.com/malwarebytes-solarwinds-attackers/163190/

#malwarebytes #solarwinds

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Solarwinds		56	33	104	80	50	267
Malwarebytes		9	1	8	14	2	25