Three New Malware Strains Used By SolarWinds Hackers Revealed By Microsoft
Microsoft has revealed details of the malware that the SolarWinds hackers deployed as second-stage payloads. The three new malware strains are dubbed GoldMax, Sibot, and GoldFinder, and the hacking group that used the Sunburst backdoor and the Teardrop malware is tracked as Nobelium. Microsoft also described the functions and capabilities of the malware strains: GoldMax is a command-and-control backdoor used for hiding malicious activity and evading detection; Sibot is VBScript-based malware used to download extra payloads; GoldFinder is a custom HTTP tracer tool for detecting servers and redirectors, such as network security devices, between the infected devices and the C2 server.