Malwarebytes, however, assures its anti-malware users that it has conducted a thorough investigation and determined that the attackers only had access to a limited subset of internal company emails. Upon examining its source code and reverse engineering its software, it found no evidence of unauthorized access. Malwarebytes points out that it does not use Microsoft’s Azure cloud services and that its software remains safe to use.
The SolarWinds hack began in March after attackers breached the company’s Orion network management tools. They used a vulnerability in this product to infiltrate SolarWinds customer systems, including Microsoft, the DOJ and the US Department of Energy and National nuclear security administration. Representatives from the FBI, NSA, and the Cybersecurity and Infrastructure Security Agency recently released a joint statement appellation Russia is the most likely entity behind the hacks.