On Thursday, Microsoft said in a blog post that its internal investigation found the hackers studied parts of the source code instructions for its Azure cloud programs. The source code instructions are related to security and identity and Intune management for mobile applications and devices.
Some hacking also used such methods at targets that did not use SolarWinds.
Initially discovered by FireEye Inc, a security provider , the hackers used advanced skills to insert software back doors for spying into widely used network-management programs distributed by SolarWinds Corp.
Ultimately, the problems with identity management proved so pervasive in the recent attacks that multiple security companies issued new warnings and guidelines for detecting misuse.