Cyber security firm CrowdStrike, one of the companies directly involved in the investigation into the SolarWinds supply chain attack, announced today that it has identified a third strain of malware that was directly involved in the latest hack.
Called Sunspot, this finding adds to the previously discovered Sunburst (Solorigate) and Teardrop malware strains.
While Sunspot is the latest discovery in the SolarWinds hack, CrowdStrike said that the malware was actually the first to be used.
Sunspot malware was running on the SolarWinds build server
In a report released today, CrowdStrike said that Sunspot was deployed in September 2019 when hackers first breached SolarWinds’ internal network.
The Sunspot malware was installed on the SolarWinds build server, a type of software that developers use to assemble smaller components into larger software applications.
CrowdStrike said Sunspot had a single purpose – to monitor the build server for build commands that …