Microsoft Releases Free Tool for Hunting SolarWinds Malware
Microsoft has released a free tool designed to hunt SolarWinds malware following a devastating espionage campaign in which Russian state hackers compromised SolarWinds' Orion software in a supply-chain attack that affected major US organizations and federal agencies. Organizations that are still investigating whether they were victims of this attack, or are still infected, can now access the free toolkit that Microsoft used to root out the malware in its own code.
Microsoft used CodeQL, from GitHub's Advanced Security toolset, together with a set of queries that have been released to the public. The queries are designed to analyze source code and detect patterns and functions that are signs of malicious content, and they can be run on any software that may have been impacted by the supply-chain attack. The release could save other organizations from further risks.