Microsoft has discovered yet more SolarWinds malware


Microsoft has released its current findings on the SolarWinds attack that continues to shake the global cybersecurity industry.

So far, the technology firm has been able to outline attack methods, malware strains, and mitigation strategies but continues to stress that the full extent of the cyberattack remains unknown.

According to Microsoft’s investigation, the SolarWinds attack took place through a compromised DLL file associated with the Orion infrastructure management platform. The insertion of malicious code into this file created a backdoor for hackers to exploit, allowing them to subsequently carry out a hands-on-keyboard attack.

“In many of their actions, the attackers took steps to maintain a low profile,” the Microsoft 365 Defender Research Team explained. “For example, the inserted malicious code is lightweight and only has the task of running a malware-added method in a parallel thread such that the DLL’s normal operations are not altered or interrupted. This method is part of a class, which the attackers named OrionImprovementBusinessLayer to blend in with the rest of the code. The class contains all the backdoor capabilities, comprising 13 subclasses and 16 methods, with strings obfuscated to further hide malicious code.”
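A first-pass triage check built on the detail above: .NET stores type names UTF-8 encoded in the assembly's metadata #Strings heap, so the class name Microsoft reported can be searched for directly in the file bytes. This is an added example, not code from the page or from Microsoft; the sample bytes are constructed, and the paths and function names are assumptions.

```python
"""Triage helper: flag .NET assemblies carrying the type name Microsoft
reported for the SolarWinds backdoor class. A hit means "investigate", not
"confirmed malicious": compare against the vendor's signed, known-good build
and Microsoft's published indicators before acting."""
import hashlib
import os
from typing import Dict, List

# Type name from Microsoft's analysis. .NET metadata stores it UTF-8 encoded;
# the UTF-16LE form is checked too in case it appears as a string literal.
INDICATOR_TYPE_NAME = "OrionImprovementBusinessLayer"
_PATTERNS = (INDICATOR_TYPE_NAME.encode("utf-8"),
             INDICATOR_TYPE_NAME.encode("utf-16-le"))

# Constructed sample bytes (not real binaries) for an offline demonstration.
SAMPLE_TROJANIZED = b"MZ\x90\x00" + b"#Strings\x00" + b"OrionImprovementBusinessLayer\x00"
SAMPLE_CLEAN = b"MZ\x90\x00" + b"#Strings\x00" + b"BusinessLayer\x00"


def contains_indicator(data: bytes) -> bool:
    """Return True if either encoding of the indicator type name occurs."""
    return any(p in data for p in _PATTERNS)


def triage_file(path: str) -> Dict[str, object]:
    """Read one file and record its SHA-256 plus whether it was flagged."""
    with open(path, "rb") as fh:
        data = fh.read()
    return {"path": path,
            "sha256": hashlib.sha256(data).hexdigest(),
            "flagged": contains_indicator(data)}


def scan_tree(root: str) -> List[Dict[str, object]]:
    """Walk root, triage every .dll, and return only the flagged records."""
    hits = []
    for dirpath, _, files in os.walk(root):
        for name in files:
            if name.lower().endswith(".dll"):
                rec = triage_file(os.path.join(dirpath, name))
                if rec["flagged"]:
                    hits.append(rec)
    return hits


if __name__ == "__main__":
    import sys
    for rec in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"FLAGGED {rec['sha256']}  {rec['path']}")
```

Run it against a directory of collected DLLs; the SHA-256 in each flagged record gives you a value to compare with the vendor's build and with published indicators.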

More malware

In a detailed blog post, Microsoft continued by explaining that the DLL backdoor allows attackers to deliver second-stage payloads. Altogether, the technology giant has highlighted several malware strains affecting the SolarWinds platform.

The SolarWinds attack made huge headlines when it broke last week, with high-level US Government agencies among those affected. US Secretary of State Mike Pompeo has recently come out in support of accusations blaming Russia for the cyberattack.

Fortunately, Microsoft Defender has been equipped to block the malicious SolarWinds DLL. The antivirus program will also isolate associated malware, even if the process is still running.

Barclay Ballard

Barclay has been writing about technology for a decade, starting out as a freelancer with ITProPortal covering everything from London’s start-up scene to comparisons of the best cloud storage services. After that, he spent some time as the managing editor of an online outlet focusing on cloud computing, furthering his interest in virtualization, Big Data, and the Internet of Things.
