"Solarwinds123": Hacked IT Company Used Weak Password, While Backdoor Access Peddled On Underground Forums

"Solarwinds123": Hacked IT Company Used Weak Password, While Backdo...


Tyler Durden's Photo
BY TYLER DURDEN
WEDNESDAY, DEC 16, 2020 - 10:00

Hacked Texas-based IT infrastructure provider SolarWinds was warned over weak password security last year, after security researcher Vinoth Kumar discovered that the company used "solarwinds123" to protect their update server.

"This could have been done by any attacker, easily," said Kumar, according to Reuters.

On Monday, SolarWinds confirmed that their flagship network management software, Orion, was the target of an international cyberespionage operation which the Washington Post pinned on government-backed Russian hackers - who inserted malicious code into Orion software updates and pushed it out to almost 18,000 customers. 

The malicious updates - sent between March and June, when America was hunkering down to weather the first wave of coronavirus infections - was “perfect timing for a perfect storm,” said Kim Peretti, who co-chairs Atlanta-based law firm Alston & Bird’s cybersecurity preparedness and response team.

Assessing the damage would be difficult, she said.

We may not know the true impact for many months, if not more – if not ever,” she said. -Reuters

Included in the breach were the US Treasury, the Commerce Department's National Telecommunications and Information Administration (NTIA) and other government agencies.

Meanwhile, Reuters also reports that "multiple criminals have offered to sell access to SolarWinds’ computers through underground forums, according to two researchers who separately had access to those forums."

One of those offering claimed access over the Exploit forum in 2017 was known as “fxmsp” and is wanted by the FBI “for involvement in several high-profile incidents,” said Mark Arena, chief executive of cybercrime intelligence firm Intel471. Arena informed his company’s clients, which include U.S. law enforcement agencies. -Reuters

According to the report, neither the weak password or the stolen access are considered the most likely source of the current intrusion, however Kyle Hanslovan, the cofounder of Maryland-based cybersecurity company Huntress, noticed days after the SolarWinds hack that malicious updates were still available for download.

Dominion?

On Monday, screenshots began floating around of Dominion Voting Systems with a solarwinds logo below a login screen, implying that the 2020 US election may have been compromised by hackers, as opposed to on purpose as Trump and his allies have claimed.

Journalist Kim Zetter, however, pointed out that while Dominion does or did use a SolarWinds product, it wasn't their Orion software which was compromised. 

The company's stock has fallen over 25% since Friday's price of $23.50, currently sitting below $18. The company announced on December 9 that CEO Kevin Thompson would be replaced after 11 years at the helm with Sudhakar Ramakrishna, the former CEO of Pulse Secure.

Views: 22

Comment

You need to be a member of 12160 Social Network to add comments!

Join 12160 Social Network

"Destroying the New World Order"

TOP CONTENT THIS WEEK

THANK YOU FOR SUPPORTING THE SITE!

mobile page

12160.info/m

12160 Administrators

 

Latest Activity

Doc Vega posted a blog post

Bungled my Life

Bungled My Life I bungled my life in the service of othersBetrayed by those I helped my sisters and…See More
1 hour ago
0 Comments
MAC commented on MAC's photo
Thumbnail

gvIKn.qR4e-small-MAJOR-MEAT-COMPANY-INVESTS

"I don't know why Less. Tyson has a huge company and they supply many other company's with…"
8 hours ago
tjdavis posted a blog post

Israel’s Celebrity Charm

17 hours ago
0 Comments
tjdavis posted a video

The Untold Stories Of Your Favorite Musicians | Hired Gun | Full Music Documentary

The Untold Stories Of Your Favorite Musicians | Hired Gun | Full Music DocumentaryThey are the “First Call, A-list” musicians, just 20 feet from stardom, yet...
17 hours ago
0 Comments
Doc Vega commented on Doc Vega's blog post An Empty Shell
"Cheeki Kea Thanks! Your messages are always positive and encouraging! Have a blessed day."
yesterday
Doc Vega posted photos
Thumbnail
Thumbnail
Thumbnail
1 more…
Friday
Doc Vega posted blog posts
Friday
Sandy posted a photo
Thumbnail

FB_IMG_1715931665900

Friday
0 Comments
Doc Vega posted blog posts
Wednesday
cheeki kea commented on cheeki kea's blog post Southern Lights / Northern Lights engulf entire world.
"Another nay sayer tried to tell me today that man made auroras just couldn't be possible but…"
Wednesday
cheeki kea commented on Doc Vega's blog post An Empty Shell
"Thats a good poem right over target Doc V.  (We are told in the last chapters of clown word…"
Wednesday
cheeki kea commented on cheeki kea's photo
Thumbnail

liable $$

"https://www.westernstandard.news/news/australian-court-rules-employers-who-mandated-jab-legally-liab…"
Wednesday
cheeki kea posted a photo
Thumbnail

liable $$

Wednesday
1 Comment
tjdavis posted a photo
Thumbnail

Flipping The Script

Tuesday
0 Comments
Less Prone favorited Burbia's blog post Journalism as we know it
Tuesday
Less Prone commented on Less Prone's photo
Thumbnail

Rebuilding Khazaria

"For some reason the original article has been scrubbed, but it still exists in the wayback…"
Tuesday
Less Prone commented on Less Prone's blog post Pregnancy a Dicease?
"Thanks Doc!. This guy thinks he's a smart cookie, but totally fallen under the indoctrination.…"
Tuesday
Doc Vega posted blog posts
May 13
cheeki kea posted a photo
Thumbnail

revolving doors

May 13
0 Comments
cheeki kea commented on cheeki kea's blog post Southern Lights / Northern Lights engulf entire world.
"It does force one to wonder... All sorts of things. "
May 13

© 2024   Created by truth.   Powered by

Badges  |  Report an Issue  |  Terms of Service

content and site copyright 12160.info 2007-2019 - all rights reserved. unless otherwise noted