New Malware Discovered in SolarWinds Investigation
The malware, Raindrop is a loader which delivers a payload of Cobalt Strike. Raindrop is very similar to the already documented Teardrop tool, but there are some key differences between the two. Our head of security analytics, Chris Morales, shares that we are now getting into the semantics of minutia of how different malware worked so they can be named and detected with a signature. This is all great after the fact once we already know the attack occurred, however, it did not help when it mattered most.