Cybersecurity firm Malwarebytes said it was hacked by ‘Dark Halo’, the same group that breached SolarWinds in 2020. The company pointed out that hackers exploited another attack vector and did use SolarWinds Orion software.
The company’s blog post says: “While Malwarebytes does not use SolarWinds, we, like many other companies were recently targeted by the same threat actor. We can confirm the existence of another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments. After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails. We found no evidence of unauthorized access or compromise in any of our internal on-premises and production environments.”
Malwarebytes learned of the breach on December 15, 2020 from the Microsoft Security Response Center, which detected suspicious activity coming from a third party application in its Microsoft Office 365 tenant.
Malwarebytes adds to a growing list of security firms that were hit by Solarwinds attackers, after FireEye, Microsoft, and CrowdStrike.
Read more about it here.