FireEye discloses data breach and theft of hacking tools

American cybersecurity firm FireEye says it was on the receiving end of a cyberattack recently and that a government-backed hacking operation may have been behind it.

“A highly sophisticated state-sponsored adversary stole FireEye Red Team tools,” the company wrote in a Dec. 8 press release. “Because we believe that an adversary possesses these tools, and we do not know whether the attacker intends to use the stolen tools themselves or publicly disclose them, FireEye is releasing hundreds of countermeasures with this blog post to enable the broader security community to protect themselves against these tools.”

It’s unclear when the hack initially took place, but Reuters cited a source who told the publication that the company had been resetting user passwords “over the past two weeks.” The Federal Bureau of Investigation and Microsoft have been brought in to investigate.

“The FBI is investigating the incident, and preliminary indications show an actor with a high level of sophistication consistent with a nation-state,” Matt Gorham, assistant FBI director for the Cyber Division, told Reuters.

FireEye says the stolen tools range from simple scripts used to automate reconnaissance to entire frameworks similar to publicly available technologies such as CobaltStrike and Metasploit. Many of the Red Team tools have already been released to the community and are already distributed in the company’s open-source virtual machine, CommandoVM.

FireEye says there’s no evidence of the tools being used by threat actors – yet. A list of the countermeasure is available on the FireEye GitHub repository

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Alex Coop
Alex Coophttp://www.itwc.ca
Former Editorial Director for IT World Canada and its sister publications.

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now