Investigators at Moscow-based cybersecurity firm Kaspersky had said the “backdoor” used to compromise up to 18,000 customers of US software maker SolarWinds resembled malware tied to a hacking group known as “Turla,” which operates on behalf of Russia’s FSB security service. Moscow had repeatedly denied the allegations. Experts said three similarities between the SolarWinds backdoor and a hacking tool called “Kazuar,” used by Turla, made it likely Russian in origin.
The US Department of Justice’s email systems were accessed by the hackers who broke into software company SolarWinds. The department, which has over 100,000 employees across a series of law enforcement agencies (FBI, Drug Enforcement Administration, and the US Marshals Service), said in a statement that 3% of its mailboxes were accessed. However, it said that it had no indication any classified systems were impacted.
Intel and Nvidia, in separate statements, said that they were investigating whether they were victims of the SolarWinds hack that has roiled the U.S. government and private firms. “We are still actively investigating, but we currently see no evidence that our systems were affected,” Intel said in a statement. Nvidia Corp said in a statement that it’s looking into whether there was illicit access of its systems. “We have no evidence at this time that Nvidia was adversely affected.”
Microsoft has confirmed the presence of malicious software in its systems that is linked to a massive hacking campaign discovered by US government officials earlier this week. The tech giant is also a user of Orion, SolarWinds’ widely deployed networking management software, which was used in the alleged Russian attacks on key US government agencies. The hackers, as per reports, also made use of Microsoft’s cloud offering Azure while avoiding its corporate infrastructure.
IT company SolarWinds said that products released in March and June 2020 may have been surreptitiously tampered with in a “highly-sophisticated, targeted and manual supply chain attack by a nation-state.” The statement comes at a time when US intelligence agencies are investigating breaches at several government departments. The breach is said to be connected to the intrusion at cybersecurity firm FireEye, which is currently believed to be the work of Russians.