WASHINGTON: Discovered hackers used a previously unknown defect in two of SolarWinds’ products to target “a small, focused set of consumers,” according to the company. The hackers were not identified in the statement, which was released over the weekend at https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35211.
SolarWinds said the flaw was “completely unrelated” to last year’s hack of government networks by alleged Russian spies, a sprawling espionage operation that used the Texas-based software company as a springboard to break into target networks, according to a question-and-answer page appended to the statement.
SolarWinds “is unaware of the identities of the possibly affected consumers” swept up in the new hacking campaign, according to the page.
The problem was discovered by Microsoft Corp experts, according to SolarWinds. SolarWinds did not respond to a Reuters request for comment on the development right away. Microsoft did not respond to requests for comment.
(Raphael Satter contributed reporting, and Sandra Maler edited the piece.)
Reuters is the source of this information./n
