Yesterday, Microsoft announced that it had also been targeted by the SolarWinds espionage campaign after uncovering malware within its systems. The tech giant uses the networking management software Orion found to be the source of the attack impacting a half dozen federal agencies so far. Microsoft’s own products may have been leveraged to attack victims, according to sources familiar with the incident. The US National Security Agency released a report yesterday explaining how Microsoft Azure cloud services were compromised by hackers, advising users to lock down their systems to mitigate the risk of implication in the hack.
Like other SolarWinds customers, Microsoft stated that they were actively looking for indicators of infiltration by the malicious actor, suspected to be Russian government-backed adversaries, eventually finding malicious SolarWinds binaries in their environment. The binaries have been isolated and removed, according to a Microsoft spokesperson. The hackers capitalized on Microsoft cloud offerings while avoiding corporate infrastructure, according to a source familiar with the incident.
Read More: Microsoft says it found malicious software in its systems
