Microsoft: SolarWinds Gap Used by Chinese Hackers

 


Security holes in SolarWinds software were apparently used by hackers from China.
This was revealed by Microsoft, which says Chinese hackers used a zero-day remote code execution vulnerability to attack SolarWinds software. If the vulnerability is successfully exploited, the hackers are free to install and run malware and to view or alter data through the software.



In its official blog post, Microsoft explained that it had been monitoring the hacker syndicate as part of its investigation. That investigation found that the Chinese hackers targeted the organization behind research and development for the U.S. military.



The syndicate was given the name DEV-0322 by Microsoft, a label that reflects its still-unknown status. Microsoft uses the label until it is confident that it can identify the syndicate or knows its origins.



This is because the syndicate, which operates out of China, uses commercial VPN solutions and hacks consumer-grade routers to hide its attacks. Microsoft said it had contacted the parties involved and taken the necessary action to deal with the attack.



SolarWinds has previously confirmed that it was contacted by Microsoft about a security flaw in the Serv-U software. The flaw relates to file transfers and the FTP system, and has fortunately now been patched.



The SolarWinds name became widely known after its servers were compromised, reportedly because of a password that was easy to guess and had been created by an intern. Current and former SolarWinds executives blamed interns at the company for using passwords that were too weak.



The password in question was ‘solarwinds123’, first discovered in 2019 by independent security researchers, who immediately notified SolarWinds.



It is unclear how large a role weak passwords played in the Russian hackers' attacks against U.S. federal government agencies and private companies, which are said to be the biggest hack in U.S. history.



But so far, weak passwords are one of three possible ways the hackers could have inserted malware into the SolarWinds software updates that were then distributed to its 18,000 users, including U.S. federal government agencies.