Cybersecurity firm CrowdStrike has discovered the malware used by the SolarWinds hackers to inject backdoors in Orion platform builds during the supply-chain attack that led to the compromise of several companies and government agencies. The identity of the hackers behind this supply chain attack is still unknown. Kaspersky was the first to make a connection between the hackers and a previously known cyber-espionage group after finding that the Sunburst backdoor has feature overlaps with Kazuar, aNET backdoor tentatively linked to the Russian Turla hacking group.
Source: https://www.bleepingcomputer.com/news/security/new-sunspot-malware-found-while-investigating-solarwinds-hack/