Connect with us

Business

Swiss Firm Says It Has Accessed Servers of a SolarWinds Hacker

Published

on

A Swiss cybersecurity firm says it has accessed servers used by a hacking group tied to the SolarWinds breach, revealing details about who the attackers targeted and how they carried out their operation. The firm, PRODAFT, also said the hackers have continued with their campaign through this month. PRODAFT researchers said they were able to break into the hackers’ computer infrastructure and revi

ew evidence of a massive campaign between August and March, which targeted thousands of companies and government organizations across Europe and the U.S. The aim of the hacking group, dubbed SilverFish by the researchers, was to spy on victims and steal data, according to PRODAFT’s report.

SilverFish carried out an “extremely sophisticated” cyber-attack on at least 4,720 targets, including government institutions, global IT providers, dozens of banking institutions in the U.S. and EU, major auditing/consulting firms, one of the world’s leading Covid-19 test kit manufacturers and aviation and defense companies, according to the report.

The hackers used other methods to attack their victims besides the vulnerability in SolarWinds’s software, according to the researchers. The researchers don’t attribute the attacks to a known hacking organization or a country, though they describe SilverFish as an “APT group.” APT stands for advanced persistent threat, and APT groups are often associated with state-backed hacking organizations. 

 PRODAFT researchers said in an interview that the hackers bore some hallmarks of a state-sponsored group, including not being motivated by money and targeting critical infrastructure. But they said more analysis was required to make a definitive determination.

As a result, it isn’t clear from the report if SilverFish is a hacking organization linked the Russian government, who the U.S. government and other cybersecurity firms have said is likely behind the SolarWinds attack, or if some other organization also participated. That cyber-attack, which was disclosed in December, involved hackers inserting malicious code in updates for popular software from T

Read more at: https://www.bloombergquint.com/onweb/swiss-firm-says-it-has-accessed-servers-of-a-solarwinds-hacker
Copyright © BloombergQuint

Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2023 Cyber Reports Cyber Security News All Rights Reserved Website by Top Search SEO