New Backdoor Malware Linked To SolarWinds Hackers Discovered By FireEye
FireEye has discovered a sophisticated backdoor malware on the servers of an organization that was compromised in the SolarWinds supply-chain attack. The malware, dubbed SunShuttle, was uploaded by a U.S.-based entity to a public malware repository in August 2020 and is believed to be linked to the hackers behind the SolarWinds campaign. SunShuttle is written in Go and has evasion features; it functions as a second-stage backdoor in such a compromise, used for conducting network reconnaissance alongside other SUNBURST-related tools.