https://www.cbronline.com/news/trend-micro-symantec-fxmsp
By Ed Targett
Editor
Computer Business Review
May 13, 2019
"Immediate action was taken to quarantine the lab"
UPDATED 23:45 GMT with amended comment from Symantec, AdvIntel.
Trend Micro today admitted it had suffered “unauthorised access to a single
testing lab network by a third party”. The comment came after New York-based
threat intelligence company Advanced Intelligence (AdvIntel) claimed three
cybersecurity companies had been penetrated by a Russian hacker group dubbed
Fxmsp.
Computer Business Review has obtained the names of all three of the companies
allegedly hacked. Trend Micro is among them and was responding to our request
for comment. Symantec (Norton), which denies the claims, is the second. McAfee
is the third and says it is “monitoring for and investigating this threat
claim.”
In a report published Thursday, AdvIntel said the Russian-speaking group Fxmsp
had been selling alleged source code and network access to the three for
$300,000 on Russian dark web forums, claiming it had 30TB of aggregated data.
(The threat group’s modus operandi included accessing network environments via
externally available Remote Desktop Protocol (RDP) servers and exposed active
directory accounts, the company added, saying the group also claimed to have
developed a credential-stealing botnet capable of infecting high-profile
targets.)
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
