According to officials at the NSA, an official update sent to SolarWinds customers included a zero-day malicious software program. Of those customers, about 110 received an additional attack that installed a later-stage payload that stole data. Sunburst is the name of the zero-day malware used in the attack on SolarWinds, the NSA stated.
A critical zero-day vulnerability in its Serv-U product line has become a new security threat for SolarWinds, the firm at the center of a supply chain attack that compromised nine US agencies and 100 private companies.
SolarWinds’s advisory on Friday said that Microsoft had discovered the exploits and reported them to the company. The attacks, SolarWinds said, are entirely independent of the supply chain attack discovered in December.
According to the NSA, last year’s supply chain attack was perpetrated by hackers working for Russia’s Foreign Intelligence Service.