Story image

Mandiant security researcher stung by hackers - parent co FireEye denies entire network breach

02 Aug 2017

It seems that not even security experts are immune to hacks, after reports surfaced this week that one unlucky researcher was hit by hackers.

Adi Peretz, an employee at US-based Mandiant, a division of global security firm FireEye, was the victim of a hack that saw a number of his online accounts exposed.

The breach targeted the researcher’s credentials, LinkedIn profile, live account and PayPal invoices, according to the hackers.

Other reports said that hackers had targeted the researcher’s LinkedIn profile and ‘defaced’ it. The profile is no longer online.

The hackers posted details on PasteBin as part of a data dump, saying that they had breached not only the company’s internal systems, but customer data too.

“It was fun to be inside a giant company named 'Mandiant' we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse engineer malwares and stuffs. Now that 'Mandiant' knows how deep we breached into its infrastructure its so-called threat analysts are trying to block us. Let's see how successful they are going to be :D,” the hackers’ say as part of their data dump."

The hackers claim they also got access to the researcher’s geolocation, top secred documents, complete business and personal emails, FireEye licences, network topology drawings and more.

“Mandiant Internal networks and its clients data has been compromised (might be leaked separately),” the hackers say.

However, Mandiant and other researchers say that’s not the case and there was no company breach at all.

“We are aware of reports that a Mandiant employee's social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure. Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised,” a statement from Mandiant says.

Kaspersky researcher Ido Naor posted on Twitter that the breach did not spread to all of Mandiant’s systems.

 “For a long time we - the 31337 hackers - tried to avoid these fancy ass "Analysts" whom trying to trace our attack footprints back to us and prove they are better than us. In the #LeakTheAnalyst operation we say f*** the consequence let’s track them on Facebook, Linked-in, Tweeter, etc. let’s go after everything they’ve got, let’s go after their countries, let’s trash their reputation in the field. If during your stealth operation you pwned an analyst, target him and leak his personal and professional data, as a side job of course ;),” the hackers’ conclude.

Machine learning is a tool and the bad guys are using it
KPMG NZ’s CIO and ESET’s CTO spoke at a recent cybersecurity conference about how machine learning and data analytics are not to be feared, but used.
Seagate: Data trends, opportunities, and challenges at the edge
The development of edge technology and the rise of big data have brought many opportunities for data infrastructure companies to the fore.
Popular Android apps track users and violate Google's policies
Google has reportedly taken action against some of the violators.
How blockchain could help stop video piracy in its tracks
An Australian video tech firm has successfully tested a blockchain trial that could end up being a welcome relief for video creators and the fight against video piracy.
IBM X-Force Red & Qualys introduce automated patching
IBM X-Force Red and Qualys are declaring a war on unpatched systems, and they believe automation is the answer.
Micro Focus acquires Interset to improve predictive analytics
Interset utilises user and entity behavioural analytics (UEBA) and machine learning to give security professionals what they need to execute threat detection analysis.
Raising the stakes: McAfee’s predictions for cybersecurity
Security teams and solutions will have to contend with synergistic threats, increasingly backed by artificial intelligence to avoid detection.
Exclusive: Ping Identity on security risk mitigation
“Effective security controls are measured and defined by the direct mitigation of inherent and residual risk.”