Microsoft, one of the affected parties in the Solarwinds hack, says that the perpetrators submitted their rogue code to Solarwinds more than a year ago.
Almost the entire security world is turned upside down now that it appears that various companies and government services are vulnerable to hackers, presumably (but not proven) driven by Russia.
This is caused by the Orion Platform, software from the American Solarwinds, where updates to the product were manipulated to include malware that built in a back door for hackers.
In the investigation into that attack, Microsoft now says that the perpetrators have been actively trying out the options for months before the rollout of that update. In an extensive blog post, the company says it is a compromised DLL file in the Orion platform. A DLL with 4,000 lines of code opened the door to hackers.
Such software updates are digitally signed to detect tampering. But according to Microsoft, there is evidence that the perpetrators were already testing the possibilities in October 2019.
