Story image

Mandiant security researcher stung by hackers - parent co FireEye denies entire network breach

02 Aug 2017

It seems that not even security experts are immune to hacks, after reports surfaced this week that one unlucky researcher was hit by hackers.

Adi Peretz, an employee at US-based Mandiant, a division of global security firm FireEye, was the victim of a hack that saw a number of his online accounts exposed.

The breach targeted the researcher’s credentials, LinkedIn profile, live account and PayPal invoices, according to the hackers.

Other reports said that hackers had targeted the researcher’s LinkedIn profile and ‘defaced’ it. The profile is no longer online.

The hackers posted details on PasteBin as part of a data dump, saying that they had breached not only the company’s internal systems, but customer data too.

“It was fun to be inside a giant company named 'Mandiant' we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse engineer malwares and stuffs. Now that 'Mandiant' knows how deep we breached into its infrastructure its so-called threat analysts are trying to block us. Let's see how successful they are going to be :D,” the hackers’ say as part of their data dump."

The hackers claim they also got access to the researcher’s geolocation, top secred documents, complete business and personal emails, FireEye licences, network topology drawings and more.

“Mandiant Internal networks and its clients data has been compromised (might be leaked separately),” the hackers say.

However, Mandiant and other researchers say that’s not the case and there was no company breach at all.

“We are aware of reports that a Mandiant employee's social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure. Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised,” a statement from Mandiant says.

Kaspersky researcher Ido Naor posted on Twitter that the breach did not spread to all of Mandiant’s systems.

 “For a long time we - the 31337 hackers - tried to avoid these fancy ass "Analysts" whom trying to trace our attack footprints back to us and prove they are better than us. In the #LeakTheAnalyst operation we say f*** the consequence let’s track them on Facebook, Linked-in, Tweeter, etc. let’s go after everything they’ve got, let’s go after their countries, let’s trash their reputation in the field. If during your stealth operation you pwned an analyst, target him and leak his personal and professional data, as a side job of course ;),” the hackers’ conclude.

Thycotic debunks top Privileged Access Management myths
Privileged Access encompasses access to computers, networks and network devices, software applications, digital documents and other digital assets.
Veeam reports double-digit Q1 growth
We are now focussed on an aggressive strategy to help businesses transition to cloud with Backup and Cloud Data Management solutions.
Paving the road to self-sovereign identity using blockchain
Internet users are often required to input personal information and highly-valuable data from contact numbers to email addresses to make use of the various platforms and services available online.
Tech Data to distribute Nutanix backup solution in A/NZ
Tech Data will distribute HYCU Data Protection for Nutanix backup and recovery software to their network of partners across Australia and New Zealand.
Veeam releases v3 of its MS Office backup solution
One of Veeam’s most popular solutions, Backup for Office 365, has been upgraded again with greater speed, security and analytics.
Too many 'critical' vulnerabilities to patch? Tenable opts for a different approach
Tenable is hedging all of its security bets on the power of predictive, as the company announced general available of its Predictive Prioritisation solution within Tenable.io.
Safety solutions startup wins ‘radical generosity’ funding
Guardian Angel Security was one of five New Zealand businesses selected by 500 women (SheEO Activators) who contributed $1100 each.
Industrial control component vulnerabilities up 30%
Positive Technologies says exploitation of these vulnerabilities could disturb operations by disrupting command transfer between components.