Since the Solarwinds hack was discovered in December, it has gradually become more and more extensive. US investigators have told the Wall Street Journal that solar winds could not have been the only gateway.
Affected companies with no connection to Solarwinds
Almost a third of the companies affected have no connection at all to Solarwinds. The attackers would have gained access to their targets in a variety of creative ways.
The security company had previously Malwarebytes announced that it was affected by the same attack but has no connections to Solarwinds.
Same vulnerability, different provider
The investigators explain this phenomenon to the Wall Street Journal with the fact that the hackers switched from a cloud computing account to next by exploiting the same Microsoft configuration issues, among other things.
Investigating the effects of the hack and especially the search for those responsible will probably take months. One theory is that a well-known Russian hacker group is responsible.