Microsoft announced that SolarWinds hackers have downloaded Azure, Exchange, and Intune source code.
The Microsoft security team has officially completed its investigation into SolarWinds today. According to the conclusion, no evidence was found that hackers had used their internal systems or official products to attack end-users and commercial customers. The software giant began investigating the situation in mid-December, following the discovery that Russian-linked hackers had developed malware for the Orion IT monitoring platform.
The company explained that hackers used the access they gained through the SolarWinds Orion app to return to Microsoft's internal network, where they accessed the source code for several internal projects. "Our analysis shows that the first display of a file was in late November. We also see that this problem is over when we secure the affected accounts," he said in a statement.
Microsoft adds that hackers tried to access their Microsoft accounts throughout December and even weeks after the SolarWinds breach was exposed. So the pirates didn't give up their attempts even when it was revealed that the case was being investigated.
Beyond viewing files, hackers were able to download some source code as also. However, Microsoft says this data is also not comprehensive and that intruders have downloaded the source code of several components related only to some of their cloud-based products, but the situation remains serious. According to the company, the repossess accessed by hackers included the codes of the Azure, Intune, and Exchange services.
Finally, based on Microsoft's statements, it seems that hackers have not achieved their goal.