On Thursday, Microsoft announced that the SolarWinds hackers obtained access to the source code for a restricted number of Azure, Intune, and Exchange components.
Last year in December, it was revealed that the SolarWinds’ network management company underwent a complex cyberattack that enabled hackers to build a supply chain attack that target’s the company’s clients.
Following the internal investigations in December 2020, Microsoft affirmed SolarWinds supply chain hackers obtained access to a few of its internal accounts. However, the hacker could only obtain access to a reduced amount of source code repositories.
Some Azure Exchange Source Code Was Downloaded
On Thursday, Microsoft has released the definitive update into their examination and concluded that the hackers could only obtain access to some files for several repositories.
However, for a few repositories such as Azure, Intune, and Exchange, the threat actors will be able to download component source code.
For a minimal number of repositories, there was added access, including in a few cases, the hackers were able to download component source code. These repositories enclosed code for:
- a small subset of Azure components (subsets of service, security, identity)
- a small subset of Intune components
- a small subset of Exchange components
If any credentials were embedded in the source code, it would have likely permitted the attackers to obtain furtheraccess to Microsoft’s systems.
Microsoft says that they have a severe development policy that forbids saving secrets in source code and utilize automated tools to test and check this compliance.
Microsoft’s investigation concluded that the accessed code didn’t consist of any credentials.
“We have affirmed that the repositories complied and didn’t consist of any live, production credentials,” Microsoft stated in a final report.
Subscribe to our newsletter for the latest security news right from the security and research industries.