Security Market Segment LS
Friday, 10 May 2019 05:48

Hackers claim to have breached top anti-virus firms in US Featured

By
Hackers claim to have breached top anti-virus firms in US Pixabay

Three top unnamed anti-virus companies located in the US appear to have been hacked by a collective that communicates in both Russian and English, and is offering to sell source code belonging to these firms, plus network access, for more than US$300,000.

The security firm Advanced Intelligence (AdvIntel) said in a blog post on Thursday that Fxmsp specialised in breaching secure, protected networks to exfiltrate private corporate and government information.

AdvIntel said Fxmsp had said in March that they had obtained top-secret information from three top anti-virus companies located in the US.

"AdvIntel subject matter experts assess with high confidence that Fxmsp is a credible hacking collective with a history of selling verifiable corporate breaches returning them profit close to US$1 million," the firm said, adding that it had alerted law enforcement to these claimed intrusions.

Fxmsp had been operating since 2017 in a number of well-known Russian- and English-speaking underground communities, and had been known to breach networks using externally available remote desktop protocol servers and exposed active directory servers.

advintel method

"Most recently, the actor claimed to have developed a credential-stealing botnet capable of infecting high-profile targets in order to exfiltrate sensitive usernames and passwords," AdvIntel claimed.

"Fxmsp has claimed that developing this botnet and improving its capabilities for stealing information from secured systems is their main goal."

AdvIntel said the claim about data theft from the three top anti-virus companies had been made on 24 April, following intense efforts by Fxmsp during the first quarter of 2019.

The collective claimed to have extracted sensitive source code from the anti-virus and artificial intelligence products of these three US-based companies, plus security plugins.

AdvIntel said Fxmsp had offered screenshots which were claimed to be of folders containing 30TB of data allegedly exfiltrated from these three firms.

"According to 'ShadowRunTeam', a high-profile Russian threat actor operating on Telegram, Fxmsp is reportedly a Moscow resident with the first name 'Andrey' who started to engage in cyber crime activities in mid-2000 and specialised in social engineering," AdvIntel said.

Graphic: courtesy Advanced Intelligence

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments