Sunspot malware scoured servers for SolarWinds builds to trojanize them

A malware program used in the SolarWinds supply-chain attack seeks out developers’ builds of the SolarWinds Orion IT management platform and then replaces a source file with the Sunburst backdoor. (Stephen Foskett/CC BY-NC-SA 2.0)

Forensic investigators have discovered a novel malware program used in the SolarWinds supply-chain attack – one designed specifically to seek out developers’ builds of the SolarWinds Orion IT management platform and then replace a source file with the Sunburst backdoor.


Targeting build servers in such a manner is a devious strategy, because such machines prioritize efficiency of developer use over the kind of in-depth security that’s needed to reliably detect malicious activity. SolarWinds noted this week in a new blog post that its software development and build process “is common throughout the software industry” – a troublesome notion that raises the specter of other developer environments being targeted in a similar fashion following the resounding success of this attack.


For that reason, SolarWinds and other cybersecurity experts are stressing the importance of developer organizations understanding the true nature of the threat.


SolarWinds also revealed two potentially missed opportunities to ..
