OPEN APP
Home >Technology >News >Microsoft links new SolarWinds hacker group to China

Tech giant Microsoft has attributed a new cyberattack on IT firm SolarWinds to a Chinese hacker group. The company’s Threat Intelligence Center (MSTIC) said the attacks were carried out by a group called “DEV-0322" who had a “presumed goal" of accessing clients of the United States’ defense industry.

“Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China, based on observed victimology, tactics, and procedures," the company said in a blog post.

SolarWinds had also suffered a cyberattack in December last year, which was attributed to a Russian hacker group at the time. That hack may have compromised many government agencies and corporates.

MSTIC said it has also observed the hacker group targeting “entities in the US Defense Industrial Base Sector and software companies." It added, “This activity group is based in China and has been observed using commercial VPN solutions and compromised consumer routers in their attacker infrastructure."

The threat intelligence group discovered the zero-day exploit during a “routine investigation" of Microsoft 365 Defender, its enterprise security software suite. SolarWinds had patched the vulnerabilities found by Microsoft on July 9, 2021. “The vulnerability exists in the latest Serv-U version 15.2.3 HF1 released May 5, 2021, and all prior versions. A threat actor who successfully exploited this vulnerability could run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system," the company said in its disclosure.

Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.

Never miss a story! Stay connected and informed with Mint. Download our App Now!!

Close
×
Edit Profile
My ReadsRedeem a Gift CardLogout