Malwarebytes is undoubtedly one of the most important computer security companies in the world. It offers a wide range of solutions for private users and companies. In this article we echo a news item that indicates how it has been hacked by a group of cybercriminals. This same group has already attacked other important organizations, as we will see.
Malwarebytes suffers a cyber attack
Malwarebytes have announced that they have suffered a computer security attack caused by the same group behind the attacks against SolarWinds a few weeks ago. Keep in mind that these cybercriminals have already set their sights on other organizations such as Microsoft, FireEye or CrowdStrike.
Keep in mind that the American firm Malwarebytes is one of the most important in terms of computer security . It offers many tools to protect us both at the level of home users and organizations. Its mission, in short, is to protect security on the network.
This makes the fact of having suffered a computer attack of this magnitude all the more striking. Attackers reportedly broke their internal systems by exploiting a dormant email protection product within Office 365 . They claim they don’t use any SolarWinds software on their internal network.
This intrusion took place a little over a month ago, on December 15. It was on that date that they detected suspicious activity that came from the inactive Office 365 security application.
At the time, Microsoft was auditing its Office 365 and Azure infrastructures for signs of malicious applications created by hackers at SolarWinds , also known in cybersecurity circles as UNC2452 or Dark Halo.
Malwarebytes has indicated that once it learned of the breach, it began an internal investigation to determine what the hackers accessed. They conducted an extensive investigation and found that the attackers only gained access to a limited subset of internal company emails.
No Malwarebytes product has been affected
As we have indicated at the beginning of the article, Malwarebytes has a large number of security-oriented products for both private users and companies. A problem that affects the company could derive from failures in this type of program.
However, they have indicated that no product has been harmed. They did a very thorough audit of all the products and source code to find any kind of problem. They ensure that their internal systems did not detect any symptoms of unauthorized access or compromise in any local and production environment.
Ultimately, Malwarebytes has become the fourth major organization to have been targeted by the UNC2452 / Dark Halo cybercriminals. Previously, as we have indicated, it has already affected Microsoft, FireEye and CrowdStrike.
It is important to highlight the importance of always having security programs. Keeping equipment protected is essential to preserve its proper functioning and avoid problems that can damage privacy when browsing. This must be applied at all levels. We leave you a tutorial with tips to improve computer security at home.
