SolarWinds was allegedly attacked by Russian hackers. The recent attack was a big deal since it is one of the largest software providers.
However, the giant company claimed that no other products were affected in the previous security breach. SolarWinds said on Tuesday, Dec. 17, that they were not able to find other products containing malicious codes similar to the one they identified in the Orian platform.
According to ZDNet's latest report, the company made its assertion after it carried out an internal audit of all its applications. SolarWinds conducted the audit after news outlets reported on Sunday, Dec. 13, that Russian state-sponsored cyber criminals attacked the company's internal network.
They inserted malware inside Orian, an inventory and network monitoring platform. The hackers used the SUNBURST malware, also known as Solorigate, to attack the Orion app version 2019.4 through version 2020.2.1.
Why SolarWinds claim no other products were affected
SolarWinds explained that they scanned the code of all their software products and found no evidence that other Orion Platform products were affected.
"We have scanned the code of all our software products for markers similar to those used in the attack on our Orion Platform products identified above, and we have found no evidence that other versions of our Orion Platform products or our other products contain those markers," said SolarWinds via ZDNet.
The company also said that the markets did not appear on other SolarWinds MSP products, such as N-central and RMM, as well as on the free tools SolarWinds offers.
Why did it use "solarwinds123" as its password?
Business Insider reported that a security researcher already warned SolarWinds about its weak password. Vinoth Kumar, a security expert, said that any hacker could breach the company's "solarwinds123" password.
Even if you're not an expert, you can easily identify that the password is really weak since it contains the company's name and consecutive numbers. Anyone won't use a password for their email or Facebook account containing their name.
Kumar added that an attacker could easily pull off the massive hack because of the company's very simple password. The recent attack affected around 18,000 clients across the United States.
For more news updates about massive online attacks or hacking, always keep your tabs open here at TechTimes.
This article is owned by TechTimes.
Written by: Giuliano de Leon.