Microsoft announced that SolarWinds hackers have downloaded Azure, Exchange, and Intune source code.
Microsoft security team officially completed its research on SolarWinds today. According to the result, no evidence was found that hackers were abusing their internal systems or official products to attack end users and commercial customers. The software giant began investigating the situation in mid-December after it was discovered that Russian-connected hackers were developing malware for the Orion IT monitoring platform.
The company announced that the hackers used the access they gained through the SolarWinds Orion app to return to Microsoft’s internal network, where they accessed the source code of several internal projects. “Our analysis shows that the first viewing of a file was in late November. We also see that this problem ends when we secure the affected accounts. ” made a statement in the form.
Microsoft adds that the hackers tried to access Microsoft accounts during the month of December and even weeks after the SolarWinds breach was disclosed. In other words, the pirates did not give up their initiatives even when it was revealed that the incident was investigated.
Beyond viewing the files, the hackers were able to download some source code as well. Although Microsoft says that this data is also not exhaustive and that intruders only downloaded the source code of a few components related to some of its cloud-based products, the situation remains dire. According to the company, the repositories hackers accessed contained codes for Azure, Intune, and Exchange services.
Finally, it should be noted that, based on Microsoft’s statements, it is seen that hackers do not achieve their purpose.