{"id":39097,"date":"2021-01-12T06:56:08","date_gmt":"2021-01-12T06:56:08","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/"},"modified":"2021-01-12T06:56:08","modified_gmt":"2021-01-12T06:56:08","slug":"kaspersky-lab-autopsies-evidence-on-solarwinds-hack","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/","title":{"rendered":"Kaspersky Lab autopsies evidence on SolarWinds hack"},"content":{"rendered":"<p>Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia\u2019s FSB security service.<\/p>\n<p>Referring to the hidden backdoor secretly implanted in SolarWinds&#8217; Orion product, Kaspersky\u2019s Georgy Kucherin wrote in a <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/securelist.com\/sunburst-backdoor-kazuar\/99981\/\">blog post<\/a> on Monday: \u201cWhile looking at the Sunburst backdoor, we discovered several features that overlap with a previously identified backdoor known as Kazuar.\u201d<\/p>\n<div class=\"adun\" data-pos=\"top\" data-raptor=\"eagle\" data-xsm=\",button,mpu_plusplus,\" data-sm=\",button,mpu_plusplus,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<p>Kaspersky, itself a Russian company, linked that Kazuar remote-access hole (a .NET nasty) with previous research by Palo Alto Networks which attributed it to the Russian state-sponsored Turla crew, who were last spotted <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/03\/12\/eset_spots_turla_hackers\/\" rel=\"noopener noreferrer\">targeting<\/a> the Armenian government and <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/02\/14\/austria_foreign_ministry_hack_turla_group_allegs\/\" rel=\"noopener noreferrer\">Austria<\/a>\u2019s Foreign Office.<\/p>\n<p>\u201cWhile Kazuar and Sunburst may be related, the nature of this relation is still not clear,\u201d summarised Kaspersky. &#8220;Through further analysis, it is possible that evidence confirming one or several of these points might arise. At the same time, it is also possible that the Sunburst developers were really good at their opsec and didn\u2019t make any mistakes, with this link being an elaborate false flag.&#8221;<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2021\/01\/05\/solarwinds.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"solarwinds\"><\/p>\n<h2 title=\"Plus: US intelligence names and shames Russia as probable culprit\">Ah, right on time: Hacker-slammed SolarWinds sued by angry shareholders<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2021\/01\/05\/solarwinds_sued\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>Palo Alto\u2019s Unit 42 research division published its findings on Turla <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/unit42.paloaltonetworks.com\/unit42-kazuar-multiplatform-espionage-backdoor-api-access\/\">last summer<\/a>, stating: \u201cWe suspect the Kazuar tool may be linked to the Turla threat actor group (also known as Uroburos and Snake), who have been reported to have compromised embassies, defense contractors, educational institutions, and research organizations across the globe.\u201d<\/p>\n<p>Taking these two snippets together, they suggest an even stronger link between the Russian state and the hackers who successfully compromised SolarWinds. The firm has taken the problem seriously, <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2021\/01\/11\/security_in_brief\/\" rel=\"noopener noreferrer\">hiring<\/a> a consultancy run by US infosec veterans Chris Krebs (former chief of the Cybersecurity and Infrastructure Agency) and Alex Stamos, whose CV includes stints at Yahoo<i>!<\/i> and Facebook.<\/p>\n<p>\u201cThis has been a multiyear effort by one of the very best, the most sophisticated intelligence operations in the world,&#8221; Krebs told the Financial Times.<\/p>\n<p>The SolarWinds compromise <a target=\"_blank\" href=\"https:\/\/www.theregister.com\/2020\/12\/09\/fireeye_tools_hacked\/\" rel=\"noopener noreferrer\">came to public attention<\/a> in December 2020 after infosec behemoth FireEye, a SolarWinds customer, admitted its systems were unlawfully accessed in \u201ca state-sponsored attack.\u201d \u00ae<\/p>\n<div class=\"adun\" data-pos=\"top\" data-raptor=\"falcon\" data-xsm=\",button,dbutton,mpu_plus,dmpu,\" data-sm=\",button,dbutton,mpu_plus,dmpu,\"> <noscript> <a href=\"https:\/\/pubads.g.doubleclick.net\/gampad\/jump?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x100%7C300x250%7C300x251&amp;tile=4&amp;c=44X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" target=\"_blank\" rel=\"noopener noreferrer\"> <img decoding=\"async\" src=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x100%7C300x250%7C300x251&amp;tile=4&amp;c=44X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D426raptor%3Dfalcon%26pos%3Dmid%26test%3D0\" alt> <\/a> <\/noscript> <\/div>\n<div class=\"boxout\" readability=\"8.710843373494\">\n<p><b>Meanwhile&#8230;<\/b> CrowdStrike has <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.crowdstrike.com\/blog\/sunspot-malware-technical-analysis\/\">detailed<\/a> how it reckons Orion was infected with a hidden backdoor: a source file was automatically swapped at the right moment when the software was being built on a build server compromised by highly customized malware.<\/p>\n<\/div>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2021\/01\/12\/solarwinds_russia_kaspersky\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>In a brave move, Russian firm fingers its own govt as one possible source of cyber badness Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia\u2019s FSB security service.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-39097","post","type-post","status-publish","format-standard","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Kaspersky Lab autopsies evidence on SolarWinds hack 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Kaspersky Lab autopsies evidence on SolarWinds hack 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2021-01-12T06:56:08+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Kaspersky Lab autopsies evidence on SolarWinds hack\",\"datePublished\":\"2021-01-12T06:56:08+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/\"},\"wordCount\":395,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/\",\"name\":\"Kaspersky Lab autopsies evidence on SolarWinds hack 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\",\"datePublished\":\"2021-01-12T06:56:08+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\",\"contentUrl\":\"https:\\\/\\\/pubads.g.doubleclick.net\\\/gampad\\\/ad?co=1&amp;iu=\\\/6978\\\/reg_security\\\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Kaspersky Lab autopsies evidence on SolarWinds hack\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Kaspersky Lab autopsies evidence on SolarWinds hack 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/","og_locale":"en_US","og_type":"article","og_title":"Kaspersky Lab autopsies evidence on SolarWinds hack 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2021-01-12T06:56:08+00:00","og_image":[{"url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Kaspersky Lab autopsies evidence on SolarWinds hack","datePublished":"2021-01-12T06:56:08+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/"},"wordCount":395,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/","url":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/","name":"Kaspersky Lab autopsies evidence on SolarWinds hack 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#primaryimage"},"thumbnailUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0","datePublished":"2021-01-12T06:56:08+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#primaryimage","url":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0","contentUrl":"https:\/\/pubads.g.doubleclick.net\/gampad\/ad?co=1&amp;iu=\/6978\/reg_security\/front&amp;sz=300x250%7C300x252%7C300x600&amp;tile=3&amp;c=33X-2BqcGotySHdBV@qJR4GgAAAAI&amp;t=ct%3Dns%26unitnum%3D3%26raptor%3Deagle%26pos%3Dtop%26test%3D0"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/kaspersky-lab-autopsies-evidence-on-solarwinds-hack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Kaspersky Lab autopsies evidence on SolarWinds hack"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39097","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=39097"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/39097\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=39097"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=39097"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=39097"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}