SolarWinds Orion software updates released between March and June 2020 were injected with backdoor code. FireEye has not so far publicly attributed the attack to any specific nation-state actor, but multiple media reports have pinned the intrusion campaign on APT29 (aka Cozy Bear), a hacker group associated with Russia’s foreign intelligence service. ReversingLabs’ Tomislav Pericin said the operators likely managed to compromise the software build and code signing infrastructure of the company as early as October 2019 to deliver the malicious backdoor.
Source: https://thehackernews.com/2020/12/new-evidence-suggests-solarwinds.html