Cybersecurity Firm Malwarebytes Was Hacked By ‘Dark Halo,’ The Same Group That Breached Solarwinds Last Year

Malwarebytes learned of the breach on December 15 from the Microsoft Security Response Center and has explored the issue. The business’s CEO Marcin Kleczynski told ZDNet the hacker only gained access to a limited part of internal firm emails and also included that the “software stays risk-free to utilize.”

The very same group that breached IT software company SolarWinds in 2014 has hacked cybersecurity company Malwarebytes, contributing to the growing listing of major security firms targeted by the group.

In an emailed statement to Insider, a Malwarebytes spokesperson stated, “While we were lucky to experience a restricted impact on our service, this circumstance underscores the need for the industry to remain to team up in efforts to prevent progressively complicated nation-state assaults.”

In an emailed statement, a Malwarebytes spokesperson stated based upon the techniques of the assault, the firm thinks it was “the same threat star” that attacked SolarWinds. According to the story first reported by ZDNet, Malwarebytes said hackers utilized a weakness in the Azure Active Directory and harmful Office 365 applications to breach the company’s internal systems. The firm said the situation was not related to the SolarWinds’ breach, as Malwarebytes does not utilize any of its designs.

The SolarWinds hack in 2015 was a “supply chain assault” that resulted in breaches at US government agencies and various other businesses. SolarWinds, FireEye, Microsoft, CrowdStrike, and currently Malwarebytes have actually all been targeted by UNC2452/Dark Halo, a US firm that has stated the Russian government lags.