A Russian government agency, SVR (Foreign Intelligence Service), hacked into FireEye and accessed hundreds of FireEye’s pen testing tools. SVR now has insight into how FireEye evaluates weaknesses in their customers’ systems.
FireEye’s service is to deploy suspicious files into a safe environment to see if they are dangerous, so they were able to update their customer’s systems to detect attacks from their stolen tool set.
This attack appears to be part of the same campaign as SolarWinds. |