An additional piece of malware, dubbed Raindrop, has been unmasked in the SolarWinds supply-chain attacks. It’s a backdoor loader that drops Cobalt Strike in order to perform lateral movement across victims networks. Raindrop is compiled as a DLL, which is built from a modified version of 7-Zip, Symantec says. It joins other custom malware that has been documented as being used in the attacks, including the Teardrop tool, which researchers said was delivered by Sunburst backdoor.
Source: https://threatpost.com/solarwinds-malware-arsenal-raindrop/163153/