Security News > 2021 > February > Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code

Microsoft: SolarWinds Attackers Downloaded Azure, Exchange Code
2021-02-19 14:11

Threat actors downloaded some Microsoft Exchange and Azure code repositories during the sprawling SolarWinds supply-chain attack but did not use the company's internal systems or products to attack other victims.

"We have now completed our internal investigation into the activity of the actor which confirms that we found no evidence of access to production services or customer data," the company said in a blog post on its Microsoft Security Response Center published Thursday.

Once embedded, the attackers were able to pick and choose which organizations to further penetrate.

Microsoft came out as one of those victims in December, acknowledging that malicious SolarWinds binaries were detected in its environment, which the company immediately isolated and removed, a spokesperson said at the time.

Threat actors apparently accessed and downloaded source code from a "Small number of repositories," Microsoft said.

These repositories contained code for: A small subset of Azure components including those related to service, security and identity; a small subset of Intune components; and a small subset of Exchange components.


News URL

https://threatpost.com/microsoft-solarwinds-azure-exchange-code/164104/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 44 0 80 95 40 215