SolarWinds: Sunburst Backdoor Victims Are Less Than One Hundred


Fewer than a hundred SolarWinds users were infected in last year's supply chain attack. SolarWinds has nearly completed its investigation into the Sunburst backdoor and says the number of affected customers is much lower than previously thought.

SolarWinds says the actual number of victims of the Sunburst malware is "less than a hundred." The company has been investigating Sunburst, the name given to a backdoor found in SolarWinds' Orion software back in December. It emerged then that hackers had infected a software update with malware that established a connection to a command-and-control server. Initially it was said, including by SolarWinds itself, that 18,000 customers were potentially exposed to the backdoor. That figure was based on the number of customers who had downloaded the infected update.

SolarWinds now qualifies that number. According to the company, some of the customers who downloaded the update did not install it. Others installed the update on servers that had no internet access, so the backdoor could not be used there.

SolarWinds does not know how many customers have downloaded the infected update. The company says it makes an estimate based on DNS data. Based on that "statistical analysis", the company says it believes that "less than a hundred customers" made contact with the C&C server. SolarWinds emphasizes that the American authorities and external researchers also arrived at that number. Among those customers were big names: Malwarebytes and Microsoft, among others, said that the hackers had access to their systems. The hackers also attacked US departments, government agencies and universities.

The investigation also revealed that the source code of the company's software was not modified; instead, the backdoor was inserted through the Orion Platform's automated build software. The hackers are said to have carried out a test in October 2019 to place malware in the update. The malware eventually shipped in the Orion update between March and June 2020.
