"Microsoft and FireEye Create a 'Killswitch' for SUNBURST Malware Affecting SolarWinds' Orion"
Microsoft, FireEye, and GoDaddy have worked together to create a "killswitch" for SUNBURST, which is the malware distributed in the supply chain attack on SolarWinds' Orion IT management platform. This platform is used by several U.S. government agencies, including the departments of Treasury, Commerce, and Homeland Security, as well as companies in the private domain, including Boeing and Los Alamos National Laboratory. The killswitch was designed to take over one of the domains used by attackers to infect victims' systems with SUNBURST malware. According to a FireEye spokesperson, this killswitch will affect new and previous SUNBURST infections. This article continues to discuss the supply chain attack on the SolarWinds Orion platform and how the killswitch works to prevent further spread of the SUNBURST malware.