A malicious tool called “Sunspot” was deployed into the SolarWinds Orion platform to inject the Sunburst backdoor into the company’s network monitoring platform. CrowdStrike is tracking the intrusion under the moniker “StellarParticle”. The malware adds to a growing list of previously disclosed malicious software such as Sunburst and Teardrop. Kaspersky researchers found what appears to be a first potential connection between Sunspot and Kazuar, a malware family linked to Russia’s Turla state-sponsored cyber-espionage outfit.
Source: https://thehackernews.com/2021/01/unveiled-sunspot-malware-was-used-to.html