- SolarWinds hackers attacked cybersecurity firm Malwarebytes, ZDNet reported.
- The company’s software remains “safe to use,” the CEO said.
- Malwarebytes adds to a growing list of firms attacked by the SolarWinds hackers.
- Visit Business Insider’s homepage for more stories.
The same group that breached IT software company SolarWinds last year has hacked cybersecurity firm Malwarebytes, ZDNet reported, adding to the growing list of major security firms targeted by the group.
Malwarebytes said hackers used a weakness in the Azure Active Directory and malicious Office 365 applications to breach the company’s internal systems, according to ZDNet. The company said the situation was not related to the SolarWinds’ breach, as Malwarebytes doesn’t use any of their systems.
The SolarWinds hack last year was a “supply chain attack” that led to breaches at US government agencies and other businesses. SolarWinds, FireEye, Microsoft, CrowdStrike and now Malwarebytes have all been targeted by UNC2452/Dark Halo, a group US agencies have said the Russian government is behind.
Malwarebytes was not immediately available for Insider’s request for comment.
Malwarebytes learned of the breach on December 15 from the Microsoft Security Response Center and has since investigated the matter. The company's CEO Marcin Kleczynski told ZDNet the hacker only gained access to a limited subset of internal company emails and added that the "software remains safe to use."