Story image

FireEye data leaks continue - or are the hackers just trolling?

15 Aug 2017

Hackers have released another batch of information supposedly belonging to cybersecurity firm FireEye, two weeks after they were able to compromise a FireEye researcher’s social media accounts.

According to reports, the hackers published another PasteBin dump, which accuses FireEye of a coverup.

“Well we were waiting FireEye for a public comment and FireEye lied again, and they lied in cost of their customers. They did a mistake. They knew we had access to JIRA, Their IDF workshop wasn't a part of Adi Peretz's job. They knew Adi Peretz wasn't working on Bank Hapoalim," The PasteBin dump says.

"They said our documents was "public", are license files, private contract documents, private IDF workshops and internal network topologies public? If they weren't public why did you removed our files and from public file hosting? Why did you removed our first Pastebin message? They knew the truth and they're hiding it from their customers and the public,” it continues.

The data dumps apparently contain Cisco licences, Illusive’s confidential report, a ClearSky document and more – but Twitter reports suggest there isn’t much to the files.

The hackers have also taken to using hashtags on social media, under the name #leaktheanalyst. Debate has surfaced about the legitimacy of the files and whether the hackers are simply on a trolling mission.

Last week FireEye’s Steven Booth posted a blog in which he states FireEye’s networks were not breached, although that wasn’t for lack of trying.

The researcher, a Mandiant employee who was hacked, however, had in fact been a victim of other third party breaches, including the LinkedIn breach that happened last year.

The hackers didn’t get access to the victim’s personal or corporate computers, although Booth says the attacker did release three corporate FireEye documents using information from the victim’s corporate online accounts.

“All of the other documents released by the attacker were previously publicly available or were screen captures created by the attacker. A number of the screen captures created by the Attacker and posted online are misleading, and seem intentionally so. They falsely implied successful access to our corporate network, despite the fact that we identified only failed login attempts from the attacker,” Booth says.

Booth says that after the breach was discovered, FireEye contacted the victim and identified customers named in the breach, disabled the victim’s corporate accounts and send a message to all employees to be vigilant about their personal accounts.

“We understand the trust our customers place in FireEye, and we will continue to do all we can to earn and keep that trust. We will also engage with law enforcement and intelligence agencies as appropriate, as we routinely do to identify and prosecute cyber criminals. We thank you for your support during this ongoing investigation,” Booth says in the blog.

SecOps: Clear opportunities for powerful collaboration
If there’s one thing security and IT ops professionals should do this year, the words ‘team up’ should be top priority.
Interview: Culture and cloud - the battle for cybersecurity
ESET CTO Juraj Malcho talks about the importance of culture in a cybersecurity strategy and the challenges and benefits of a world in the cloud.
Enterprise cloud deployments being exploited by cybercriminals
A new report has revealed a concerning number of enterprises still believe security is the responsibility of the cloud service provider.
Ping Identity Platform updated with new CX and IT automation
The new versions improve the user and administrative experience, while also aiming to meet enterprise needs to operate quickly and purposefully.
Venafi and nCipher Security partner on machine identity protection
Cryptographic keys serve as machine identities and are the foundation of enterprise information technology systems.
Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.