WASHINGTON (Reuters) – The hockey group behind the SolarWinds compromise was able to break into Microsoft Corp and gain access to some of its source code, Microsoft said Thursday.
In a blog post, Microsoft said that their study turned an anomaly into “a small number of internal accounts” and that one of the accounts was used to view source code in several source code sources. ”
The revelation adds to the growing picture of the compromises associated with the SolarWinds hack, which used the Texas-based company’s flagship network monitoring software as a leapfrog to break even. into the sensitive networks of the US government and other technical companies. Microsoft had already reported how other companies had detected malicious versions of SolarWinds software within its network, but the source code release is new. [L1N2IY01F]
A company ‘s source code – the basic set of instructions that run a piece of software or an operating system – is usually one of its closest secrets.
It is not clear how many or specifically what source code the hackers could gain access to. A Microsoft spokesperson declined to comment in detail on the blog post.
Microsoft said the hijacked account could not modify the Microsoft code. The blog post also stated that it did not find evidence of “access to production services or messenger data. ”
“The ongoing investigation found no evidence that our systems have been used to attack others,” he said.
Reporting by Raphael SatterEditing with Chris Reese and Diane Craft