Malicious actors have managed to break into the network of Malwarebytes. According to the security company, only a “limited subset of corporate e-mails” has been captured.
Malwarebytes writes about the hack in a blog post. The company claims the attackers are the same people who were responsible for the SolarWinds hack. Malwarebytes does not use any SolarWinds software, but the attackers still managed to penetrate the company’s Microsoft 365 tenant.
On 15 December, Microsoft notified the security company of suspicious activity within the tenant. The activity corresponded to the behaviour that the SolarWinds hackers displayed after penetrating a network.
Following this warning, Malwarebytes conducted an extensive investigation into the impact of the hack. This revealed that the attackers had exploited an old security service within Microsoft 365 to access a small subset of Malwarebytes’ internal emails.
Software remains safe to use
Malwarebytes claims that the company’s own software is not affected. To be sure, it says it has examined all Malwarebytes’ source code and has even carried out reverse engineering on its own software. The company is therefore convinced that its software is still safe to use.
Attack on more than just SolarWinds software
It was recently revealed that the attackers behind the SolarWinds hack had carried out more attacks than just compromising SolarWinds Orion. The attackers also appear to have used various techniques to guess passwords.