The Solorigate incident has been shaking the cybersecurity community since the last month. With many companies reputedly being infected with this malicious
SolarWinds update, Microsoft has now revealed that the source code of some of its products has been viewed from a compromised internal account.
Source Code of Microsoft Products Viewed
Microsoft is one of the first companies that detected the malicious campaign of Solorigate, a malicious software update that’s being passed to all SolarWinds customers via a fake update. Researchers have warned about illegal snooping activities and more that can be done with that.
And there are several notable agencies who were reportedly impacted by this, including the US government agencies. Though researchers have noted IOCs and other compromise detectors to avoid this infection, there are some companies who already affected, including Microsoft itself!
The Windows OS maker has revealed earlier and now updates in its blog post that, there are instances where some of the internal accounts were compromised to view the source code of some of its products. Further, it said that such access was terminated and assured the account has no rights to modify the code.
Confirming that no change was made, it said it doesn’t count viewing the source code of its products as a security risk in any way! In its post, Microsoft said,
“We detected unusual activity with a small number of internal accounts and upon review, we discovered one account had been used to view source code in a number of source code repositories.”
Further, “The account did not have permissions to modify any code or engineering systems and our investigation further confirmed no changes were made. These accounts were investigated and remediated.”
Also, it “found no evidence of access to production services or customer data. The investigation, which is ongoing, has also found no indications that our systems were used to attack others.“