Autodesk Was Targeted by Russian SolarWinds Hackers

During the SolarWinds Orion attack, Russian state hackers also targeted tech giant Autodesk, the company confirmed.

Autodesk is a leading software and services company that provides CAD (computer-aided design), drafting, 3D modeling tools, and other solutions for the design, engineering, construction, and industrial sectors.

“We identified a compromised SolarWinds server and promptly took steps to contain and remediate the incidents,” Autodesk said in a recent 10-Q SEC filing. “While we believe that no customer operations or Autodesk products were disrupted as a result of this attack, other, similar attacks could have a significant negative impact on our systems and operations.”

Autodesk detected a compromised SolarWinds server on December 13. The company did not see any other malware besides Sunburst. According to the attackers, they did not execute any other threats besides the backdoor.

“Soon after, the server was isolated, logs were collected for forensic analysis, and the software patch was applied,” the spokesperson said. “Autodesk’s Security team has concluded their investigation and observed no malicious activity beyond the initial software installation.”

The attack that affected SolarWinds’ infrastructure was launched by a division of the Russian Foreign Intelligence Service (FS). This group, which is also known as APT29, The Dukes, or Cozy Bear, is responsible for other high-profile attacks.

After gaining access to the Orion Software Platform’s internal systems, the attackers modified the platform and planted a trojan in its source code and in builds released between March 2020 and June 2020.

These trojanized builds were used to carry out a remote code execution (RCE) attack that could allow an attacker to gain control of an infected system.

As a result, the Russian government gained access to the private networks of multiple US federal agencies and tech firms.

SolarWinds, which provides powerful and affordable software, had about 300,000 customers worldwide, among them 25 US Fortune 500 companies and the top ten US telecom companies. The list also included the US Military, the US State Department, NASA, NOAA, and the Office of the President of the US.

About the author

CIM Team