Today Reuters reported that Microsoft has also been involved in the Solarwinds attack which has seen more than 18,000 companies and government institutions being infected with a backdoor which would allow hackers, likely Russian in origin, free access to their networks.

Microsoft says they have detected a malicious version of the software from SolarWinds inside the company but also said that its investigation so far showed no evidence hackers had used Microsoft systems to attack customers.

In their official statement they said:

Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.

Microsoft has been involved in developing a killswitch for the Sunburst payload, but FireEye warns that hackers may have already used the malware to implant more persistent malware on the network which may be even harder to detect and eradicate.

Comments