{"id":120318,"date":"2021-03-08T01:22:17","date_gmt":"2021-03-08T09:22:17","guid":{"rendered":"https:\/\/lifeboat.com\/blog\/2021\/03\/researchers-find-3-new-malware-strains-used-by-solarwinds-hackers"},"modified":"2021-03-08T01:22:17","modified_gmt":"2021-03-08T09:22:17","slug":"researchers-find-3-new-malware-strains-used-by-solarwinds-hackers","status":"publish","type":"post","link":"https:\/\/lifeboat.com\/blog\/2021\/03\/researchers-find-3-new-malware-strains-used-by-solarwinds-hackers","title":{"rendered":"Researchers Find 3 New Malware Strains Used by SolarWinds Hackers"},"content":{"rendered":"<p><a class=\"aligncenter blog-photo\" href=\"https:\/\/lifeboat.com\/blog.images\/researchers-find-3-new-malware-strains-used-by-solarwinds-hackers.jpg\"><\/a><\/p>\n<p>FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a \u201csophisticated second-stage backdoor,\u201d as the investigation into the <a href=\"https:\/\/thehackernews.com\/2021\/03\/solarwinds-blame-intern-for-weak.html\" rel=\"noopener\" target=\"_blank\">sprawling espionage campaign<\/a> continues to yield fresh clues about the threat actor\u2019s tactics and techniques.<\/p>\n<p>Dubbed GoldMax (aka SUNSHUTTLE), GoldFinder, and Sibot, the new set of malware adds to a growing list of malicious tools such as <a href=\"https:\/\/thehackernews.com\/2021\/01\/unveiled-sunspot-malware-was-used-to.html\" rel=\"noopener\" target=\"_blank\">Sunspot<\/a>, <a href=\"https:\/\/thehackernews.com\/2020\/12\/new-evidence-suggests-solarwinds.html\" rel=\"noopener\" target=\"_blank\">Sunburst<\/a> (or Solorigate), <a href=\"https:\/\/thehackernews.com\/2020\/12\/a-second-hacker-group-may-have-also.html\" rel=\"noopener\" target=\"_blank\">Teardrop<\/a>, and <a href=\"https:\/\/thehackernews.com\/2021\/01\/researchers-discover-raindrop-4th.html\" rel=\"noopener\" target=\"_blank\">Raindrop<\/a> that were stealthily delivered to enterprise networks by <a href=\"https:\/\/thehackernews.com\/2021\/01\/fbi-cisa-nsa-officially-blames-russia.html\" rel=\"noopener\" target=\"_blank\">alleged Russian operatives<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>FireEye and Microsoft on Thursday said they discovered three more malware strains in connection with the SolarWinds supply-chain attack, including a \u201csophisticated second-stage backdoor,\u201d as the investigation into the sprawling espionage campaign continues to yield fresh clues about the threat actor\u2019s tactics and techniques. Dubbed GoldMax (aka SUNSHUTTLE), GoldFinder, and Sibot, the new set of [\u2026]<\/p>\n","protected":false},"author":427,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[34],"tags":[],"class_list":["post-120318","post","type-post","status-publish","format-standard","hentry","category-cybercrime-malcode"],"_links":{"self":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/120318","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/users\/427"}],"replies":[{"embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/comments?post=120318"}],"version-history":[{"count":0,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/posts\/120318\/revisions"}],"wp:attachment":[{"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/media?parent=120318"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/categories?post=120318"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lifeboat.com\/blog\/wp-json\/wp\/v2\/tags?post=120318"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}