Microsoft admits to also being hacked in Solarwind attack, issues statement

Reading time icon 1 min. read

Readers help support MSpoweruser. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help MSPoweruser sustain the editorial team Read more

Microsoft SQL Server

Today Reuters reported that Microsoft has also been involved in the Solarwinds attack which has seen more than 18,000 companies and government institutions being infected with a backdoor which would allow hackers, likely Russian in origin, free access to their networks.

Microsoft says they have detected a malicious version of the software from SolarWinds inside the company but also said that its investigation so far showed no evidence hackers had used Microsoft systems to attack customers.

In their official statement they said:

Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed. We have not found evidence of access to production services or customer data. Our investigations, which are ongoing, have found absolutely no indications that our systems were used to attack others.

Microsoft has been involved in developing a killswitch for the Sunburst payload, but FireEye warns that hackers may have already used the malware to implant more persistent malware on the network which may be even harder to detect and eradicate.

More about the topics: microsoft, security