Cybersecurity companies and U.S. intelligence agencies are investigating the possible role played by a product from JetBrains in the recently discovered SolarWinds hack, according to reports.
The New York Times and Reuters reported on Wednesday that cybersecurity experts and government agencies are trying to determine whether the hackers that targeted SolarWinds may have abused software created by JetBrains to achieve their goal.
JetBrains is a software development company based in the Czech Republic. The firm has offices in Europe, Russia and the United States, and it claims that its solutions are used by over 9 million developers across 300,000 companies around the world, including 95 of the Fortune 100 companies and 79 Fortune Global 100 companies.
In a statement issued in response to the New York Times article, JetBrains CEO Maxim Shafirov said his company was not aware of any investigations into its software’s role in the SolarWinds breach, but noted that they are prepared to cooperate.
According to reports, the JetBrains product possibly abused by the SolarWinds hackers is TeamCity, a continuous integration and development system. Shafirov has confirmed that SolarWinds is a customer.
“It’s important to stress that TeamCity is a complex product that requires proper configuration. If TeamCity has somehow been used in this process, it could very well be due to misconfiguration, and not a specific vulnerability,” Shafirov said, pointing to a section of the JetBrains website where they regularly inform customers about the vulnerabilities patched in products.
The New York Times reported that SolarWinds has yet to confirm a definitive connection between TeamCity and the attack targeting its systems.
It’s worth pointing out that the attack on SolarWinds is believed to have started at least one year prior to its discovery, and it’s possible that SolarWinds has also been targeted by a second, unrelated threat actor.
The United States has officially said that the attack on SolarWinds was likely conducted by Russia, an accusation that Moscow has denied.
The breach, which involved the delivery of trojanized updates for SolarWinds’ Orion product, is believed to have allowed the attackers to breach the networks of at least 250 government and private organizations. The latest government organization to admit being hit is the U.S. Justice Department, which said on Wednesday that three percent of its Microsoft 365 email accounts were potentially affected, but claimed there was no evidence that classified systems were impacted.

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
