Cybersecurity firm CrowdStrike, one of the companies directly involved in the investigation into the SolarWinds supply chain attack, announced today that it has identified a third strain of malware that was directly involved in the latest hack.

Called Sunspot, this finding adds to the previously discovered Sunburst (Solorigate) and Teardrop malware strains.


While Sunspot is the latest discovery in the SolarWinds hack, CrowdStrike said that the malware was actually the first to be used.

Sunspot malware was running on the SolarWinds build server

In a report released today, CrowdStrike said that Sunspot was deployed in September 2019 when hackers first breached SolarWinds’ internal network.

The Sunspot malware was installed on the SolarWinds build server, a type of software that developers use to assemble smaller components into larger software applications.

CrowdStrike said Sunspot had a single purpose – to monitor the build server for build commands that …


