Reuters reports:
A second hacking group, different from the suspected Russian team now associated with the major SolarWinds data breach, also targeted the company’s products earlier this year, according to a security research blog by Microsoft. “The investigation of the whole SolarWinds compromise led to the discovery of an additional malware that also affects the SolarWinds Orion product but has been determined to be likely unrelated to this compromise and used by a different threat actor,” the blog said… It is unclear whether SUPERNOVA has been deployed against any targets, such as customers of SolarWinds. The malware appears to have been created in late March, based on a review of the file’s compile times. Microsoft’s detailed blog post notes that the code “provides an attacker the ability to send and execute any arbitrary C# program on the victim’s device.”
Read more of this story at Slashdot.
Source:
https://it.slashdot.org/story/20/12/20/169229/microsoft-a-second-different-threat-actor-had-also-infected-solarwinds-with-malware?utm_source=rss1.0mainlinkanon&utm_medium=feed