Microsoft links SolarWinds hacker group to China


Tech giant Microsoft has attributed the infamous SolarWinds cyberattack from last year to a Chinese hacker group. The company’s Threat Intelligence Center (MSTIC) said the attacks were carried out by a group called “DEV-0322″ who had a “presumed goal” of accessing clients of the United States’ defense industry.

“Microsoft has detected a 0-day remote code execution exploit being used to attack SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group operating out of China, based on observed victimology, tactics, and procedures,” the company said in a blog post.

SolarWinds attack was discovered last year and is named as such because the hackers compromised a popular network monitoring tool called Orion, made by IT firm SolarWinds. The tool, according to reports at the time, was used by over 400 Fortune 500 companies. Some reports originally suspected the group to be of Russian origin at the time.


MSTIC said it has also observed the hacker group targeting “entities in the US Defense Industrial Base Sector and software companies.” It added, “This activity group is based in China and has been observed using commercial VPN solutions and compromised consumer routers in their attacker infrastructure.”

The threat intelligence group discovered the zero-day exploit during a “routine investigation” of Microsoft 365 Defender, its enterprise security software suite. SolarWinds had patched the vulnerabilities found by Microsoft on July 9, 2021. “The vulnerability exists in the latest Serv-U version 15.2.3 HF1 released May 5, 2021, and all prior versions. A threat actor who successfully exploited this vulnerability could run arbitrary code with privileges. An attacker could then install programs; view, change, or delete data; or run programs on the affected system,” the company said in its disclosure.


Subscribe to Mint Newsletters

* Enter a valid email

* Thank you for subscribing to our newsletter.


Never miss a story! Stay connected and informed with Mint.
our App Now!!

Stay connected with us on social media platform for instant update click here to join our  Twitter, & Facebook


We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.

For all the latest Technology News Click Here 

 For the latest news and updates, follow us on Google News


Read original article here

Denial of responsibility! TechAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.


This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More