Cybersecurity firm FireEye and Microsoft published blog posts detailing multiple new malware pieces that they believe are connected to the hackers behind the supply chain attack targeting SolarWinds.
Microsoft Threat Intelligence Center (MTIC) has named the threat actor behind the attacks as Nobelium. Microsoft has also identified three new pieces of malware used by Nobelium after it compromised the targeted organization’s network. The malware, named GoldFinder, GoldMax, and Sibot, has been used to maintain persistence and for other “very specific” actions.
To Read More: SecurityWeek