FireEye, a company that provides digital security for other companies, has itself fallen victim to a hack. The hackers captured a tool that was used for pen tests.
The company announced the hack in a press release on its website. In it, the company writes that the attack was probably state-sponsored and that it was of an exceptionally high level. FireEye enlisted the help of both the FBI and Microsoft to investigate the hack.
The hackers used techniques that FireEye hadn’t seen before. They were able to steal tools with which FireEye uses to mimic attacks. As far as they know, no exploits for zero-days between the stolen data were stolen.
Signatures
FireEye has published several signatures and countermeasures on GitHub that allow attacks that use FireEye’s tools to be detected and repelled. The hackers do not appear to have used the tools yet.
Information about governments
According to FireEye, the attacker waws mainly looking for information about governments that are customers of FireEye. According to the company, there is no indication that the hackers have gained access to the system that stores customer data. If this is found to be the case, the company promises to contact the compromised customer immediately.
Tip: Exclusive: Interview Citrix CISO, Fermín Serna: where did it go wrong?