Security company Malwarebytes was hacked last year by the group behind the major SolarWinds attack. However, it would not be the same attack.
Malwarebytes says hackers infiltrated the security company’s internal systems through an unused email protection app in Office 365. The company was notified on December 15 that there was suspicious activity in the app through the Microsoft Security Response Center.
At the time, Microsoft was scrutinizing its Office 365 and Azure environments, looking for apps that the SolarWinds hackers might create to get into companies.
The security firm assumes that the attackers who compromised its systems are the same as those who also attacked SolarWinds and some other companies. The method described by Malwarebytes is therefore very similar to the one that security company FireEye disclosed in its own report yesterday.
After the report, Malwarebytes started its own investigation. “After a thorough investigation, we learned that the attacker could only access a small part of the internal company emails,” said Marcin Kleczynski, founder and CEO of Malwarebytes in a blog post.