![]() Trojanized Orion clients leveraged official SolarWinds server updates-installing them on the organization’s client networks-activating the Sunburst malware inside internal networks of corporations and government agencies to gain access to data and send it to the hackers via DNS request. When a build command was detected by Sunspot, the malware swapped source code files from the Orion application with files loading the Sunburst malware-resulting in Orion application versions installing the malicious Sunburst malware. Sunspot was implemented to monitor the build server for build commands assembling Orion, a SolarWinds monitoring platform used by more than 30,000 customers across the globe. The Sunspot malware strain was installed on the Solar Winds build server-used by developers to build smaller software components into larger software applications.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |