~18,000 organizations downloaded backdoor planted by Cozy Bear hackers

3D illustration Rendering of binary code pattern Abstract background.Futuristic Particles for business,Science and technology background,Blue Background

Enlarge (credit: Getty Images)

About 18,000 organizations around the world downloaded network management tools that contained a backdoor that spies believed to be backed by the Russian government could use to install additional malware that stole sensitive data, the tools provider, SolarWinds, said on Monday.

The disclosure from Austin, Texas-based software maker SolarWinds, came a day after the US government revealed a major security breach hitting federal agencies and private companies. The US Departments of Treasury, Commerce, and Homeland Security departments were among the federal agencies on the receiving end of attacks that gave access to email and other sensitive resources. Federal agencies using the software were instructed on Sunday to disconnect systems that run the software and perform a forensic analysis of their networks.

Security firm FireEye, which last week disclosed a serious breach of its own network, said that hackers backed by a nation state compromised a SolarWinds software update mechanism and then used it to infect selected customers who installed a backdoored version of the company’s Orion network management tool.

Read 11 remaining paragraphs | Comments



https://ift.tt/3a9SKxb

Comments