Microsoft Suggests Second Hacking Group Behind SolarWinds Breach Not Related to Main Attackers

Microsoft's new findings suggest that the second attacker in the SolarWinds breach is not related to the first group of cybercriminals. The tech giant stated that there could be another group of hackers behind the devastating SolarWinds attack, which affected many companies and thousands of consumers.

The first attack compromised 18,000 customers of SolarWinds. Although the same attack also focused on the software firm, Microsoft reiterated that it is unrelated to this compromise.

The company also said that a different group of hackers was behind the most recent breach.

What makes the second attack's DLL file different?

In the second attack, Microsoft claimed that the hackers used a different piece of malware, which the tech firm described as a small persistence backdoor in the form of a DLL (Dynamic Link Library) file. This kind of file is commonly found on Windows systems.

This DLL file is very different from the first malware used by the main cyber attackers. Why? Because it does not contain a digital signature. Microsoft said that this suggests that the attack might be unrelated to the first massive breach.
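The signed-versus-unsigned distinction above can be checked directly in a file's PE headers. The following is an added example, not code from Microsoft or from this article: it reports whether a DLL carries an embedded Authenticode certificate table. The function names are hypothetical and the sample image is constructed inline for the demo.

```python
import struct

IMAGE_FILE_DLL = 0x2000   # COFF Characteristics flag: image is a DLL
SECURITY_DIR = 4          # data directory index of the certificate table

def embedded_signature_info(data: bytes) -> dict:
    """Report whether a PE image carries an embedded Authenticode blob.
    Presence only: no signature or chain validation; catalog-signed files have no blob."""
    try:
        if data[:2] != b"MZ":
            raise ValueError("missing MZ header")
        (pe_off,) = struct.unpack_from("<I", data, 0x3C)        # e_lfanew
        if data[pe_off:pe_off + 4] != b"PE\0\0":
            raise ValueError("missing PE signature")
        coff = pe_off + 4
        (characteristics,) = struct.unpack_from("<H", data, coff + 18)
        opt = coff + 20                                         # optional header
        (magic,) = struct.unpack_from("<H", data, opt)
        dirs = {0x10B: 96, 0x20B: 112}.get(magic)               # PE32 / PE32+
        if dirs is None:
            raise ValueError("unknown optional header magic")
        (count,) = struct.unpack_from("<I", data, opt + dirs - 4)
        off = size = 0
        if count > SECURITY_DIR:
            # For this directory the first field is a file offset, not an RVA.
            off, size = struct.unpack_from("<II", data, opt + dirs + 8 * SECURITY_DIR)
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    present = off > 0 and size > 0 and off + size <= len(data)
    return {"is_dll": bool(characteristics & IMAGE_FILE_DLL), "has_embedded_signature": present}

def build_sample_dll(signed: bool) -> bytes:
    """Constructed header-only PE32+ image for the demo (not a loadable DLL)."""
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    coff = struct.pack("<HHIIIHH", 0x8664, 0, 0, 0, 0, 240, 0x2022)
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)
    struct.pack_into("<I", opt, 108, 16)                        # NumberOfRvaAndSizes
    blob = b""
    if signed:
        # WIN_CERTIFICATE header (length, revision, type) plus placeholder bytes
        blob = struct.pack("<IHH", 16, 0x0200, 0x0002) + b"\0" * 8
        struct.pack_into("<II", opt, 112 + 8 * SECURITY_DIR, 0x40 + 4 + 20 + 240, len(blob))
    return bytes(dos + b"PE\0\0" + coff + bytes(opt) + blob)

if __name__ == "__main__":
    for signed in (False, True):
        print(signed, embedded_signature_info(build_sample_dll(signed)))
```

A missing certificate table makes a DLL worth a closer look during triage, but a present one proves nothing until the signature and its chain are verified.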

"There is still much we don't know, including exactly how the supply chain hack was accomplished, what other vectors were used besides SolarWinds, how many victims were impacted," said Suzanne Spaulding, Nozomi Networks advisor and former DHS undersecretary of cyber and infrastructure.

This article is owned by TechTimes.

Written by: Giuliano de Leon.
