Three US AV companies have been breached, report reveals

It has been revealed that three US-based antivirus software vendors have been breached by a Russian hacking group.

A report from Advance Intelligence announced that a high-profile Russian hacking group compromised three US-based antivirus software vendors. The international hacking group known as ‘Fxmsp’ stole more than 30 terabytes of data from the vendors. The group is offering to sell the stolen data and the source codes for $300,000, as well as providing evidence to support their claims.

AdvIntel Director of Security Research, Yelisey Boguslavskiy, told SC Media:

“We have high confidence and saw direct evidence suggesting that Fxmsp does have companies’ files.

“We believe with moderate-to-high confidence that it is possible to extract source codes from these files, if a sufficient technical skill is present.”

‘Fxmsp’ are well known hacking group within the security community and previously  have compromised large, global companies, raking in approximately $1 million. The report disclosed that the group had used a combination of antivirus software, AI and security plugins, belonging to the companies, to extract the source code.

AdvIntel wrote:

“The actor [Fxmsp] claimed that antivirus breach research has been their main project over the last six months.”

The breach is clear evidence that no organisation is safe. Tim Erlin, VP, product management and strategy at Tripwire said:

“Even security companies aren’t immune from breaches.

“They certainly have sensitive data to protect. They may not be targeted as often because the data they have is harder to monetize. Source code for any security product, antivirus included, is valuable to attackers working on ways to circumvent controls or avoid detection. If an attacker knows the internals of how security tools work, they can build exploits to avoid them more easily.”

 


European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.