I literally typed “scary hacker guy” into a Google image search.
A group of Russian- and English-speaking hackers have infiltrated the top 3 US antivirus firms. They claim to have stolen “sensitive source code” from each, and plan to sell it for $300,000.
Thankfully, the breach has nothing to do with consumer data. So, you don’t need to go about changing all your passwords (though you should probably do so anyway). The reality of the situation s far more troubling. With the source code to these antivirus programs, someone with malintent could make viruses far more effective against these programs.
A report published by Advanced Intelligence points to the group Fxmsp as being responsible for the breach. The group has a long history of stealing and selling sensitive information from high-profile government and corporate entities. From the report:
- “Fxmsp” is a high-profile Russian- and English-speaking hacking collective. They specialize in breaching highly secure protected networks to access private corporate and government information.
- They have a long-standing reputation for selling sensitive information from high-profile global government and corporate entities.
- In March 2019, Fxmsp stated they could provide exclusive information stolen from three top anti-virus companies located in the United States. They confirmed that they have exclusive source code related to the companies’ software development. They are offering to sell it, and network access, for over $300,000 USD.
- AdvIntel subject matter experts assess with high confidence that Fxmsp is a credible hacking collective with a history of selling verifiable corporate breaches returning them profit close to $1,000,000 USD. AdvIntel alerted law enforcement regarding these claimed intrusions.
On April 24, 2019, Fxmsp claimed to have secured access to three leading antivirus companies. According to the hacking collective, they worked tirelessly for the first quarter of 2019 to breach these companies and finally succeeded and obtained access to the companies’ internal networks.
The collective extracted sensitive source code from antivirus software, AI, and security plugins belonging to the three companies. Fxmsp also commented on the capabilities of the different companies’ software and assessed their efficiency.The collective provided a list of specific indicators through which it is possible to identify the company even when a seller is not disclosing its name. Fxmsp offered screenshots of folders purported to contain 30 terabytes of data, which they allegedly extracted from these networks. The folders seem to contain information about the company’s development documentation, artificial intelligence model, web security software, and antivirus software base code.
Screenshots from the collective indicate that they have over 30TB of this data. Their shots indicate that they have materials including development documentation, artificial intelligence models, web security software, and antivirus software base code from each of these companies.
Somewhat lamentably, Advanced intelligence did not release the names of the compromised antivirus companies. It did, however, notify these companies through partner organizations, as well as law enforcement. t might, however, be a good idea for users to err on the side of caution for the time being.
Source: PC Gamer
About Author
