SolarWinds was allegedly attacked by Russian hackers. The recent attack was a big deal since it is one of the largest software providers.
(Photo : Photo by Patrick Lux/Getty Images)
Participant hold their laptops in front of an illuminated wall at the annual Chaos Computer Club (CCC) computer hackers’ congress, called 29C3, on December 28, 2012 in Hamburg, Germany. The 29th Chaos Communication Congress (29C3) attracts hundreds of participants worldwide annually to engage in workshops and lectures discussing the role of technology in society and its future.
However, the giant company claimed that no other products were affected in the previous security breach. SolarWinds said on Tuesday, Dec. 17, that they were not able to find other products containing malicious codes similar to the one they identified in the Orian platform.
According to ZDNet‘s latest report, the company made its assertion after it carried out an internal audit of all its applications. SolarWinds conducted the audit after news outlets reported on Sunday, Dec. 13, that Russian state-sponsored cyber criminals attacked the company’s internal network.
They inserted malware inside Orian, an inventory and network monitoring platform. The hackers used the SUNBURST malware, also known as Solorigate, to attack the Orion app version 2019.4 through version 2020.2.1.
Why SolarWinds claim no other products were affected
SolarWinds explained that they scanned the code of all their software products and found no evidence that other Orion Platform products were affected.
(Photo : Photo by Sean Gallup/Getty Images)
A participant sits with a laptop computer as he attends the annual Chaos Communication Congress of the Chaos Computer Club at the Berlin Congress Center on December 28, 2010 in Berlin, Germany. The Chaos Computer Club is Europe’s biggest network of computer hackers and its annual congress draws up to 3,000 participants.
“We have scanned the code of all our software products for markers similar to those used in the attack on our Orion Platform products identified above, and we have found no evidence that other versions of our Orion Platform products or our other products contain those markers,” said SolarWinds via ZDNet.
The company also said that the markets did not appear on other SolarWinds MSP products, such as N-central and RMM, as well as on the free tools SolarWinds offers.
Why did it use “solarwinds123” as its password?
Business Insider reported that a security researcher already warned SolarWinds about its weak password. Vinoth Kumar, a security expert, said that any hacker could breach the company’s “solarwinds123” password.
Even if you’re not an expert, you can easily identify that the password is really weak since it contains the company’s name and consecutive numbers. Anyone won’t use a password for their email or Facebook account containing their name.
Kumar added that an attacker could easily pull off the massive hack because of the company’s very simple password. The recent attack affected around 18,000 clients across the United States.