Special Report: FireEye Hacked by Likely Russian State Intelligence Attackers, Red Team Tools Stolen
The preeminent cybersecurity company has released more than 300 countermeasures to help neutralize the damage
In a development that stunned the information security community, preeminent cybersecurity company FireEye announced shortly after the stock market closed yesterday that it had been hacked by a "nation with top-tier offensive capabilities. Sources say the attackers are almost certainly Russia’s SVR intelligence hackers known as APT 29 or Fancy Bear, the same group that hacked the Democratic National Committee in 2015. FireEye has a long history of calling out Russian state-sponsored hackers, such as Sandworm, responsible for the blackouts in Ukraine in 2016 and 2016 and the destructive worm NotPetya, and Unit 74455 of Russia’s GRU military intelligence agency.
The hackers stole FireEye’s red team tools, including scripts, scanners, and techniques developed by the company over fifteen to penetrate customer systems looking for vulnerabilities to help improve security postures. FireEye said that it has no evidence the tools have been used in the wild, but it has posted more than 300 cou…