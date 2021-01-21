A huge cyber attack has been hitting large US companies and government agencies for several months. We are now talking about the SolarWinds hack, the name of the main company that has been affected by this cyber attack. Chances are, it’s not the only cybersecurity company affected. Malwarebytes is also one of the victims of hackers.

No serious infrastructure impact unlike FireEye

On January 19, Malwarebytes announced that it had been hacked by the same group of hackers who broke into the SolarWinds infrastructure and the Orion software in particular. A cyber attack that lasted for several years a priori … the hackers would have entered Orion for the first time in October 2019.

In the same category

The SolarWinds hack allowed hackers to get hold of US Justice Department emails

Cyber ​​security researchers agree that this is probably the biggest cyberattack ever. In turn, Malwarebytes confirms that it was hit by the same hackers as those who attacked SolarWinds.

The hackers, whose Russian origin appears to be confirmed in the course of the research, breached Malwarebytes’ internal systems by exploiting a protective product available in Office 365. The company said it learned of the intrusion from the Microsoft Security Response Center (MSRC).

The discovery took place on December 15, when Microsoft also confirmed that it was the victim of this cyber attack. At the time, Microsoft stated, “Like all SolarWinds customers, we can certify that we have discovered malicious SolarWinds binaries in our environment that we have isolated and removed.”

Malwarebytes is the 4th cybersecurity company affected

As soon as the Malwarebytes teams learned of this security breach, the company’s ethical hackers quickly launched an internal investigation to determine what applications and products the hackers might have accessed. Marcin Kleczynski, co-founder and current CEO of Malwarebytes: “After a thorough investigation, we found that the hackers only had access to a limited subset of company-internal emails. There is no risk for our customers. “

The CEO of Malwarebytes is reassuring and acknowledges that his teams have done a very thorough examination of all products as well as their source code to look for the slightest malware. He says, “Our internal systems have shown no signs of unauthorized access or compromise. We no longer have any doubts about the security of our software and can say that our customers can continue to use it. “

Malwarebytes is the fourth major cybersecurity company, alongside FireEye, Microsoft and CrowdStrike, that the hackers behind this cyber espionage operation are targeting. The American company FireEye, a cybersecurity juggernaut when it comes to tracking down state hackers, was not spared from this massive cyber attack. During the hack, the company saw much of its know-how stolen. Years of research and development that fly away.