Cybersecurity firm Malwarebytes was hacked by 'Dark Halo,' the same group that breached SolarWinds last year

Natasha Dailey
·2 min read
computer hack cybercrime
Nicolas Armer/picture alliance via Getty Images
  • SolarWinds hackers attacked cybersecurity firm Malwarebytes, ZDNet reported.

  • The company's software remains "safe to use," the CEO said.

  • Malwarebytes adds to a growing list of firms attacked by the SolarWinds hackers.

  • Visit Business Insider's homepage for more stories.

The same group that breached IT software company SolarWinds last year has hacked cybersecurity firm Malwarebytes, adding to the growing list of major security firms targeted by the group.

In an emailed statement, a Malwarebytes spokeswoman said based on the techniques of the attack, the company believes it was "the same threat actor" that attacked SolarWinds.

Malwarebytes said in a blog that hackers "leveraged a dormant email protection product" to breach the company's internal systems, including Office 365 and Azure. ZDNet first reported the news.

Malwarebytes learned of the breach on December 15 from the Microsoft Security Response Center and has since investigated the matter, ZDNet reported. "Our ongoing investigation of recent attacks has found this advanced and sophisticated threat actor had several techniques in their toolkit. We have not identified any vulnerabilities in our products or cloud services. " Jeff Jones, Microsoft Senior Director, said in an email.

Malwarebytes CEO Marcin Kleczynski told ZDNet the hacker only gained access to a limited subset of internal company emails and added that the "software remains safe to use."

In an emailed statement to Insider, a Malwarebytes spokeswoman said, "While we were fortunate to experience a limited impact on our business, this scenario underscores the need for the industry to continue to collaborate in efforts to prevent increasingly complex nation state attacks."

Read more: Top federal cybersecurity experts explain why the SolarWinds cyberattack is such a big deal - and why it's too soon to declare cyberwar

The SolarWinds hack last year was a "supply chain attack" that led to breaches at US government agencies and other businesses. SolarWinds, FireEye, Microsoft, CrowdStrike and now Malwarebytes have all been targeted by UNC2452/Dark Halo, a group US agencies have said the Russian government is behind. Malwarebytes said its situation was not related to the SolarWinds' breach, as the firm doesn't use any of SolarWinds systems. FireEye told Insider on Tuesday that its researchers are seeing new incursions from the SolarWinds attacks, including hacking into companies' Microsoft 365 email.

Read the original article on Business Insider