Security News > 2021 > February > SolarWinds Hackers Stole Some Source Code for Microsoft Azure, Exchange, Intune
Microsoft on Thursday said it concluded its probe into the SolarWinds hack, finding that the attackers stole some source code but confirmed there's no evidence that they abused its internal systems to target other companies or gained access to production services or customer data.
The disclosure builds upon an earlier update on December 31, 2020, that uncovered a compromise of its own network to view source code related to its products and services.
"We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories," the Windows maker had previously disclosed.
"The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated."
Now according to the company, besides viewing few individual files by searching through the repositories, some cases involved downloading component source code related to -.
It's worth noting that the entire espionage campaign leveraged the trust associated with SolarWinds software to insert malicious code that was then distributed to as many as 18,000 of its customers.
News URL
Related news
- Microsoft: Exchange 2016 reaches extended end of support in October (source)
- Microsoft: Exchange Online mistakenly tags emails as malware (source)
- New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access (source)
- Ransomware gangs now abuse Microsoft Azure tool for data theft (source)
- Microsoft: Vanilla Tempest hackers hit healthcare with INC ransomware (source)
- A Hacker's Era: Why Microsoft 365 Protection Reigns Supreme (source)