StatusCake

Everything you need to know about the Malwarebytes hack


We’ve all become more conscious of the risk of online scammers and hackers, especially since we put more and more of our personal information into websites and apps on a daily basis. We’ve become more knowledgeable on the likes of data protection through EU regulations like GDPR and learned about how we “drop” cookies as we surf the web. This all makes room for the likes of antivirus software company Malwarebytes to become increasingly popular, with many wanting constant checks on their devices and websites for the infamous malware threats. 

Malwarebytes is known globally for its reliable and effective product, but it came to light that it was hacked in late 2020 by the Dark Halo hacker group, the same group that attacked Microsoft, SolarWinds, FireEye, and CrowdStrike. Unbeknownst to these companies, the hacker group managed to breach their security and gain access to their systems. 

How was Malwarebytes hacked?

Good question. The breach was picked up by none other than tech giant Microsoft, a third-party service provider that Malwarebytes was using. The Microsoft Security Response Centre notified the company that it had noticed unusual activity in Malwarebytes’ Office 365 tenant coming from a third-party application. Once notified, the company quickly ran a full analysis of its systems with the help of Microsoft’s Detection and Response Team (DART). 

Malwarebytes investigation into the hacking

It must be difficult for an antivirus software to come out and speak openly about hacking that they were the victim of, but Malwarebytes didn’t shy away from the issue and publicly came out with a statement.

Malwarebytes said, “Together, we performed an extensive investigation of both our cloud and on-premises environments for any activity related to the API calls that triggered the initial alert” and that “After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails.” The company also mentioned that it had checked its legacy code for any discrepancies, but nothing unusual was found. 

What they found was that the hackers had used sophisticated techniques and procedures matching those of the attack on SolarWinds, the owners of Pingdom. The hackers had leveraged a dormant email protection product to break into the company’s internal systems, including Office 365 and Azure. They used self-signed credentials to gain access to the internal platforms. Once they had access to the Azure API environment, they used API calls to reach the internal email. It was only when Malwarebytes checked its API request history that it located those calls and was able to identify the hackers and cut off their access. 
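The pattern described above (a long-dormant third-party application suddenly gets new credentials and, minutes later, starts reading mailboxes through the API) is exactly the kind of thing an audit-log review can surface. The following is an added detection sketch, not code from the original post or from Malwarebytes or StatusCake. The event format, field names (`actor`, `action`, `target`) and sample events are constructed for illustration and are not the real Microsoft audit-log schema; a real deployment would map the tenant’s own sign-in and directory audit records onto this shape.

```python
"""
Added example: flag a dormant application identity that receives a new
credential and then accesses mail within a short window.

The record format below is a constructed, simplified stand-in for a tenant
audit log (NOT the real Microsoft audit schema).  Sample events are
constructed for illustration.
"""
from datetime import datetime, timedelta

DORMANCY_DAYS = 90                    # no activity for this long -> "dormant"
FOLLOW_WINDOW = timedelta(hours=24)   # mail access within this time of a new credential

# Constructed sample audit events (hypothetical format).
SAMPLE_EVENTS = [
    # A long-dormant email protection app, last touched in August...
    {"ts": "2020-08-01T10:00:00Z", "actor": "app:mail-protection-legacy",
     "action": "policy_sync", "target": "-"},
    # ...then in December someone adds a certificate credential to it...
    {"ts": "2020-12-15T09:12:00Z", "actor": "app:mail-protection-legacy",
     "action": "credential_added", "target": "certificate"},
    # ...and within minutes it starts reading mailboxes via the API.
    {"ts": "2020-12-15T09:20:00Z", "actor": "app:mail-protection-legacy",
     "action": "mail_read", "target": "mailbox:exec-1"},
    {"ts": "2020-12-15T09:21:00Z", "actor": "app:mail-protection-legacy",
     "action": "mail_read", "target": "mailbox:exec-2"},
    # A routinely active backup app whose credential rotation is normal.
    {"ts": "2020-12-14T02:00:00Z", "actor": "app:backup-agent",
     "action": "mail_read", "target": "mailbox:shared-ops"},
    {"ts": "2020-12-15T02:00:00Z", "actor": "app:backup-agent",
     "action": "credential_added", "target": "certificate"},
    {"ts": "2020-12-15T02:05:00Z", "actor": "app:backup-agent",
     "action": "mail_read", "target": "mailbox:shared-ops"},
]


def parse_ts(s):
    """Parse the constructed ISO-8601 UTC timestamp used in the sample log."""
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%SZ")


def find_dormant_app_mail_access(events, dormancy_days=DORMANCY_DAYS,
                                 follow_window=FOLLOW_WINDOW):
    """Return findings for apps that were dormant, got a new credential,
    and then read mail within follow_window of that credential being added."""
    events = sorted(events, key=lambda e: parse_ts(e["ts"]))
    last_seen = {}   # actor -> time of the most recent event processed so far
    findings = []
    for e in events:
        t = parse_ts(e["ts"])
        actor = e["actor"]
        if e["action"] == "credential_added":
            prev = last_seen.get(actor)
            # No prior event at all may simply mean the log window is too
            # short, so it is treated as dormant and left for an analyst.
            dormant = prev is None or (t - prev) > timedelta(days=dormancy_days)
            if dormant:
                reads = [x for x in events
                         if x["actor"] == actor and x["action"] == "mail_read"
                         and t <= parse_ts(x["ts"]) <= t + follow_window]
                if reads:
                    findings.append({
                        "actor": actor,
                        "credential_added_at": e["ts"],
                        "dormant_days": None if prev is None else (t - prev).days,
                        "mailboxes": sorted({x["target"] for x in reads}),
                        "mail_reads": len(reads),
                    })
        last_seen[actor] = t
    return findings


if __name__ == "__main__":
    for finding in find_dormant_app_mail_access(SAMPLE_EVENTS):
        print(finding)
```

Run against the constructed sample, only `app:mail-protection-legacy` is reported: it had been silent for 135 days, received a certificate credential, and read two mailboxes within ten minutes. The backup app, which adds a credential but was active the day before, is not flagged, which is the point of keying the rule on dormancy rather than on credential changes alone.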

Malwarebytes and SolarWinds hack

Malwarebytes has distanced itself from the SolarWinds hack by stating that the attack was not directly related and that it does not use any SolarWinds software. As more information has come to light, the hack could very well be connected to a string of attacks the Dark Halo group carried out in December. Unfortunately, Microsoft was one of the companies they managed to breach then too.  

A Malwarebytes statement by its CEO said, “Our internal systems showed no evidence of unauthorized access or compromise in any on-premises and production environments.” Most importantly, “Our software remains safe to use.”

What does this mean for your website?

The most important thing to note from this hacking saga is that it can happen to anyone. It doesn’t matter if you’re a small business or a tech giant like Microsoft; hackers aren’t that picky. It’s therefore essential for businesses to invest seriously in cybersecurity, and by that, I don’t just mean running a virus scan once in a while. There are many ways to prevent hackers and malicious bots from carrying out attacks on your websites, and ways to identify potential risks with the use of server monitoring and domain monitoring software. 

Many people believe that hackers simply steal personal information from your website, but this is just 1% of what they can do. They can hijack your domain and essentially steal the entire “shop sign” associated with your brand. Imagine how much work you’ve done to make your domain rank highly in Google and how much authority it has, only for it to be hijacked. Domain monitoring might seem like an afterthought, but hacks like the Malwarebytes one show just how important it can be. 

The same goes for server monitoring. If you can see suspicious activity such as raised resource usage on your server, it gives you a chance to identify a potential external intrusion early, which is an extra level of protection compared with leaving your website unmonitored, with no insight into what’s happening on your trusted servers.

What have the big companies learned from the Malwarebytes hack?

It has become evident that the tech giants are working together to overcome these threats and are regularly sharing information and tools to help minimise the damage caused by such attacks. Although businesses compete with each other for rankings and, ultimately, customers, they understand the bigger threat they face from online hackers. Staying alert and monitoring the risks and any suspicious activity is the key to prevention, especially for your customers’ data and your business reputation as a whole. The Malwarebytes attack is undoubtedly one of many to come, and this is an ongoing battle that all companies have to learn to live with. Luckily, they have StatusCake to help them through it. 
