banner Expire 1 February 2024
Ad Ends 13 January 2025
ad End 25 April 2025
banner Expire 25 April 2025
banner Expire 16 November 2024
ad expire at 08 november 2024
What's new
banner Expire 16 November 2024
Ad Ends 20 January 2025
banner Expire 11 November 2024
Adv exp on 11 NOv 2024
banner Expire 15 January 2025
Ad expire at 5 August 2024
banner Expire 20 October 2024
Western union transfer
UniCvv
casino
swipe store
adv exp at 23 August 2024
Carding.pw carding forum
BidenCash Shop
Kfc CLub

US PAYROLL AGENCY TARGETED IN SEPARATE SOLARWINDS ATTACK - REPORT

Dark_Code_x

TRUSTED VERIFIED SELLER
Staff member
Joined
Jun 28, 2020
Messages
6,601
Reaction score
715
Points
212
Awards
2
  • Somebody Likes you
  • First post
Suspected Chinese state-backed threat actors exploited a SolarWinds Orion bug to compromise a US government payroll agency, a new report has claimed.

The campaign took place last year and was separate to the successful Russian cyber-espionage plot to spy on multiple government departments, five people familiar with the matter told Reuters.

Although the report was unable to clarify how many organizations were targeted, it claimed that the National Finance Center, a federal payroll agency inside the US Department of Agriculture (USDA), was one.

This alone could represent a serious national security risk, as the agency apparently handles personal and financial information on employees of the FBI, State Department, Homeland Security Department and Treasury Department, among others.

“Depending on what data were compromised, this could be an extremely serious breach of security,” former Department of Homeland Security official, Tom Warrick, told Reuters. “It could allow adversaries to know more about US officials, improving their ability to collect intelligence.”

Sources claimed that the attackers used hacking infrastructure and tools deployed in the past by Chinese state-backed threat groups. The Chinese government said in a statement that it opposes any cyber-attacks and urged those making the allegations to provide supporting evidence.

Unlike the Russians, who compromised an Orion update to gain a foothold in victim systems, among other tactics, these attackers were already inside victim networks when they exploited a bug in the software to move laterally, according to the report.

Bizarrely, the USDA both confirmed the breach with Reuters and then, following publication of the story, denied it.

A SolarWinds spokesperson sent the following statement to Infosecurity:
“The customer's network was compromised in a way that was unrelated to SolarWinds. That breach enabled the attackers to add the malicious Supernova code to Orion software on the customer's network. We are aware of one instance of this happening and there is no reason to believe these attackers were inside the SolarWinds environment at any time. This is separate from the broad and sophisticated attack that targeted multiple software companies as vectors."
 
Ad End 1 February 2024
Top