Security News > 2021 > February > SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune

Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data.
The disclosure builds upon an earlier update on December 31, 2020, that uncovered a compromise of its own network to view source code related to its products and services.
"We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," the Windows maker had previously disclosed.
"The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated."
Now according to the company, besides viewing few individual files by searching through the repositories, some cases involved downloading component source code related to -.
It's worth noting that the entire espionage campaign leveraged the trust associated with SolarWinds software to insert malicious code that was then distributed to as many as 18,000 of its customers.
News URL
Related news
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- Microsoft's End of Support for Exchange 2016 and 2019: What IT Teams Must Do Now (source)
- Microsoft names alleged credential-snatching 'Azure Abuse Enterprise' operators (source)
- Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Microsoft Exchange Online outage affects Outlook web users (source)
- Microsoft: Exchange Online bug mistakenly quarantines user emails (source)