Posted on 12/19/2020 10:13:01 AM PST by linMcHlp
UPDATED: The seized domain has been turned into a killswitch to prevent the SolarWinds hackers from escalating infections and making new victims.
Microsoft and a coalition of tech companies have intervened today to seize and sinkhole a domain that played a central role in the SolarWinds hack, ZDNet has learned from sources familiar with the matter.
The domain in question is avsvmcloud[.]com, which served as the command and control (C&C) server for malware delivered to around 18,000 SolarWinds customers via a trojanized update for the company's Orion app.
SolarWinds Orion update versions 2019.4 through 2020.2.1, released between March 2020 and June 2020, contained a strain of malware named SUNBURST (also known as Solorigate).
[I can’t predict which way it’ll go, or maybe some third way....]
800 Chicoms in IBM is less than 1/2 of 1%. Depends on what they do.