USA to publish detailed analysis of SolarWinds hacking tools
US Cyber Command and the Department of Homeland Security (DHS) are preparing to release a detailed analysis of the hacking tools used in the SolarWinds attack, which targeted multiple federal agencies and private firms last year.
The report was originally scheduled to be released on Wednesday, but the DHS delayed it without explanation. However, it’s still expected to be published soon.
The report provides details on 18 pieces of malware used by suspected Russian hackers to infiltrate US entities. Potentially, it could enable organisations to discover malicious artefacts in their own systems, and take appropriate action to remove them
One of the tools analysed is a backdoor named Sunshuttle, which provides hackers with persistent access to a network. Another is called Sibot: a covert tool that masquerades as Windows software.
The report also talks about a webshell called China Chopper, which enables hackers to maintain access to a network. According to US officials, this popular script was found as a customised…