Security News > 2021 > March > Mimecast: SolarWinds hackers stole some of our source code

Mimecast: SolarWinds hackers stole some of our source code
2021-03-16 16:53

Email security company Mimecast has confirmed today that the state-sponsored SolarWinds hackers who breached its network earlier this year downloaded source code out of a limited number of repositories.

To breach Mimecast's network, the attackers used the Sunburst backdoor, a malware distributed by the SolarWinds hackers to roughly 18,000 SolarWinds customers using the compromised auto-update mechanism of the SolarWinds Orion IT monitoring platform.

The company believes that the source code exfiltrated by the attackers is incomplete and insufficient to develop a working version of the Mimecast service.

During the investigation, Mimecast discovered additional access methods established by the SolarWinds hackers to maintain access to compromised Windows systems on the company's production grid environment.

Mimecast reset all "Affected hashed and salted credentials" after also recommending customers hosted in the US and the UK to reset any server connection credentials they use on the Mimecast platform.

Around the time Mimecast disclosed their breach, cybersecurity firm Malwarebytes also confirmed that the SolarWinds hackers could access some internal company emails.


News URL

https://www.bleepingcomputer.com/news/security/mimecast-solarwinds-hackers-stole-some-of-our-source-code/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Solarwinds 45 1 84 103 43 231