Software company SolarWinds has said that a previously unknown flaw in two of its programs has been exploited by unknown hackers to target a limited set of customers. The news was revealed in a statement released by the firm over the weekend.
Questions and Their Answers
Further insight comes from the question-and-answer page appended to the statement. SolarWinds has said that the flaw is “completely unrelated” to another attack from last year, when government networks were affected by a group of alleged Russian spies in an espionage operation that relied heavily on the software firm, using it as a way to access the targeted networks.
The page also says that SolarWinds is currently not aware of the customers that have potentially been affected by the attack. Further, researchers from Microsoft Corp. have been credited with catching the bug. The Satya Nadella-led tech giant apparently notified SolarWinds of a vulnerability in its Serv-U Secured FTP and Serv-U Managed File Transfer Server. The team has even attempted to help the software company resolve the vulnerability by developing a hotfix.
The teams at Texas-based SolarWinds and Microsoft have joined hands in a bid to address the security issue as soon as possible, even though research indicates that only a targeted set of people have been affected.
The post also delves into the exact nature of the threat, as known thus far. It says that the vulnerability was noted in Serv-U version 15.2.3 HF1 (which is the latest version, released only two months ago, on May 5th, 2021), in addition to all previous versions.
It further explains that any threat actor who managed to exploit the vulnerability would be able to run arbitrary code with privileges. This could then allow hackers to “install programmes; view, change, or delete data; or run programmes on the affected system.”
What Happened Two Weeks Ago?
This comes barely a few weeks after Microsoft first informed the world that a hacker had gained access to a customer service agent and then used the data obtained to try to hack customers.
The firm announced that the security compromise had been noticed during a response to a hack that had been orchestrated by a group called Nobelium, which has apparently also led to attacks on Microsoft and SolarWinds earlier. Following this, the firm proceeded to warn the customers who had been affected.
Source: Thomson Reuters