Microsoft Corp said it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies.
Microsoft Corp said it found malicious software in its systems related to a massive hacking campaign disclosed by U.S. officials this week, adding a top technology target to a growing list of attacked government agencies. The Redmond, Washington company is a user of Orion, the widely deployed networking management software from SolarWinds Corp, which was used in the suspected Russian attacks on vital U.S. agencies and others. Microsoft also had its own products leveraged to attack victims, said people familiar with the matter. «Like other SolarWinds customers, we have been actively looking for indicators of this actor and can confirm that we detected malicious Solar Winds binaries in our environment, which we isolated and removed,» a Microsoft spokesperson said, adding that the company had found «no indications that our systems were used to attack others.» One of the people familiar with the hacking spree said the hackers made use of Microsoft cloud offerings while avoiding Microsoft’s corporate infrastructure. Microsoft did not immediately respond to questions about the technique. Still, another person familiar with the matter said the Department of Homeland Security (DHS) does not believe Microsoft was a key avenue of fresh infection. Both Microsoft and the DHS, which earlier on Thursday said the hackers used multiple methods of entry, are continuing to investigate.
