The novelty of the malware “stems from how well it blends into the build process,” said Brian Coulson, principal threat research engineer at LogRhythm. “The adversary appears to have had great knowledge of the build process prior to the execution of the attack. This likely implies that the adversary had compromised the environment some time ago and was able to gather intelligence along the way to plan and execute their attack.”
Sunspot Malware Scoured Servers for SolarWinds Builds That it Could Weaponize
Comments are closed.