Microsoft today disclosed its discovery that the attackers behind the SolarWinds breach and rigged software update had commandeered one of its internal accounts to view — but not alter — some of its source code “in a number of source code repositories.”
The revelation is the latest twist in a complex breach, believed to have been perpetrated by Russian hackers on behalf of the nation’s SVR intelligence arm, that has infiltrated major US government agencies, including the US State Department and Treasury, as well as major companies such as Microsoft and FireEye, the security giant that first detected and revealed the breach. The so-called Dark Halo group (aka UNC2452) infiltrated network management vendor SolarWinds’ software build system and planted a backdoor called Sunburst into updates of the company’s Orion software used by the victims. Some 33,000 organizations…