George Kurtz, Co-Founder and CEO of Crowdstrike Inc., speaks at the Montgomery Summit in Santa Monica, California.
Patrick T. Fallon | Bloomberg | Getty Images
The suspected Russian hackers blamed for breaking into a string of US government agencies and cybersecurity company FireEye have also made a failed attempt to hack cybersecurity firm CrowdStrike, the Sunnyvale, California-based company said in a blog post.
CrowdStrike said it had been warned by Microsoft on December 15 that the hackers had attempted to read CrowdStrike’s emails using a Microsoft reseller account “several months ago.”
CrowdStrike said in its blog post that the attempt was unsuccessful.
Microsoft did not immediately return a message asking for comment on Thursday. The National Security Agency and the Cybersecurity and Infrastructure Security Agency did not immediately return messages.
Using a Microsoft reseller to attempt to break into a leading digital defense company raises new questions about how many different locations the hackers have had to infiltrate US networks.
Until now, Texas-based SolarWinds has been the only publicly confirmed vector for break-ins, although officials have been warning for days that the hackers had also used other unspecified avenues to undermine their targets.
Separately, SolarWinds said on Thursday that it had released an update to fix vulnerabilities in its flagship network management software, Orion, following the discovery of a second batch of hackers targeting the company’s products.
The announcement follows a Microsoft blog post on Friday that said SolarWinds had targeted its software at a second and unrelated group of hackers besides those linked to Russia.
The identity of the second group of hackers, or the extent to which they have successfully broken into something, remains unclear.
Russia has denied playing a role in hacking.
Subscribe to CNBC on YouTube.