Security researchers found out why SolarWinds was hacked by the alleged Russian hackers. They claim that the giant software company used a very weak password in 2019 that left it vulnerable to breaches.


According to Vinoth Kumar, the company previously used the word "solarwinds123" as its password. However, since it is obviously weak and anyone can guess it, he contacted the company in 2019 to warn it.

Previously, some hackers claimed that they had already accessed SolarWinds' database. They added that they could sell access to the company's computers.

However, it was not clear if the offer was for selling access to computers that used SolarWinds software or for selling a method to infiltrate the actual company.

On the other hand, Reuters previously reported that other researchers said that the password was not the main reason for the company's vulnerability.

Is the password 'solarwinds123' really the main cause?

Other experts clarified that the weak password was not the main cause of the intrusion. Kyle Hanslovan, co-founder of the Maryland-based cybersecurity company Huntress, said that the malicious updates were still available for download days after the company's software was compromised.

Although it is not considered the main reason for the vulnerability, the weak password shows how terrible SolarWinds' security culture is. This is really alarming since the company's Orion network management tool is used to manage switches and routers inside large corporate networks.

Investigation is still ongoing

According to Extreme Tech's latest report, security researchers are currently investigating the massive breach at SolarWinds. At the moment, there is not enough information to confirm how hackers infiltrated the company's database and software.

The recent hack is a serious one since it breached Orion, which has around 33,000 customers out of a total customer base of 330,000 customers. If the info is correct, it means that around 54% of the company's customers are compromised.

Security researchers said that they are sure that APT29 is not the one that directly attacked SolarWinds' source code repository, which is the software build system.

Although the direct hackers are not identified yet, experts said that they are really specialized in hacking since they were able to pull off the massive attack.

Current reports suggest that the hackers are also responsible for a series of attacks on a particular think tank back in 2019 and early 2020.


This article is owned by TechTimes.

Written by: Giuliano de Leon.
