Experts Claim SolarWinds’ Very Weak Password Made It Vulnerable! Anyone Can Guess It, Here’s Why

Security researchers found out why SolarWinds was hacked by the alleged Russian hackers. They claim that the giant software company used a very weak password in 2019 that left it vulnerable to breaches.

Security Researchers Found the Main Reason Why SolarWinds Was Attacked! Anyone Can Guess Its Very Weak Password

(Photo : Photo by Leon Neal/Getty Images)
In this photo illustration, A woman is silhouetted against a projection of a password log-in dialog box on August 09, 2017 in London, England. With so many areas of modern life requiring identity verification, online security remains a constant concern, especially following the recent spate of global hacks.

Also Read: Avast Discovers 28 Malicious Extensions for Google Chrome, Microsoft Edge

According to Vinoth Kumar, the company previously used the word “solarwinds123” as its password. However, since it is obviously weak and anyone can guess it, he contacted the company in 2019 to warn it.

Previously, there are some hackers that claim they already accessed SolarWinds’ database. They added that they could sell access to the company’s computers.

However, it was not clear if the offer was for selling access to computers that used SolarWinds software or for selling a method to infiltrate the actual company.

On the other hand, Reuters previously reported that other researchers said that the password was not the main reason for the company’s vulnerability.

Is the password ‘solarwinds123’ really the main cause?

Other experts clarified that the weak password was not the main cause of the intrusion. Kyle Hanslovan, the Mary-land based cybersecurity company Huntress’ confounder, said that the malicious updates were still available for download days after the company’s software was compromised.

Although it is not considered as the main reason for the vulnerability, the weak password shows how terrible SolarWinds’ security culture is. This is really alarming since the company’s Orion network management tool is used to manage switches and routers inside large corporate networks.

Investigation is still ongoing

According to Extreme Tech‘s latest report, security researchers are currently investigating the massive breach in SolarWinds. As of the moment, there is not enough information to confirm how hackers infiltrated the company’s database and software.

Security Researchers Found the Main Reason Why SolarWinds Was Attacked! Anyone Can Guess Its Very Weak Password

(Photo : Photo by Leon Neal/Getty Images)
In this photo illustration, a password log-in box is projected onto the face of a woman on August 09, 2017 in London, England. With so many areas of modern life requiring identity verification, online security remains a constant concern, especially following the recent spate of global hacks.

The recent hack is a serious one since it breached the Orion, which has around 33,000 customers out of a total customer base of 330,000 customers. If the info is correct, it means that around 54% of the company’s customers are compromised.

Security researchers said that they are sure that APT29 is not the one that directly attacked SolarWinds’ source code repository, which is the software build system.

Although the direct hackers are not identified yet, experts said that they are really specialized in hacking since they were able to pull off the massive attack.

Current reports suggested that the hackers are also responsible for a series of attacks on a particular think tank way back in 2019 and early 2020.

admin

Leave a Reply

Your email address will not be published. Required fields are marked *

Next Post

Instagram and Facebook Messenger Features Like Stickers and Polls Temporarily Disabled in Europe

Thu Dec 17 , 2020
Instagram and Messenger disabled in Europe  ( Pexels/energepic.com ) Facebook notified Instagram and Facebook Messenger users in Europe that some features of the app will be temporarily unavailable. A small prompt has appeared in both the Instagram apps and Facebook Messenger apps for European users earlier this week. Instagram and Messenger features […]