McAfee,Symantec & Trend Micro breached by Russian hacking group

The three US-based antivirus software vendors that had been breached by a Russian hacking group have now been identified.

Last week a report by Advance Intelligence announced that a high-profile Russian hacking group, known as ‘Fxmsp’ had breached three US-based antivirus software vendors. The group was offering to sell the stolen data and source codes for $300,000.

It has now been identified that McAfee, Symantec and Trend Micro are the three companies that have been breached.

Symantec confirmed that it was contacted by the researchers at AdvIntel, and are aware of the claims surrounding the breaches against US-based antivirus companies. A Symantec spokesperson said:

“We have been in contact with researchers at AdvIntel, who confirmed that Symantec (Norton) has not been impacted. We do not believe there is reason for our customers to be concerned.”

Fxmsp has claimed that Symantec was one of the alleged victims however sufficient evidence has not been provided to support this allegation.

A spokesperson for McAfee wrote:

“McAfee has been conducting a thorough investigation into these claims. To date, we’ve found no indication that McAfee products, services or networks have been impacted by the campaign described.”

Trend Micro has confirmed that the data linked to its testing labs had been accessed by an unauthorised third party, stating in an email:

“We have an active investigation underway related to recent claims, and while it is not complete, we want to transparently share what we have learned. Working closely with law enforcement, our global threat-research and forensic teams are leading this investigation.

“Some low-risk debugging related information was obtained. We are nearing the end of our investigation and at this time we have seen no indication that any customer data nor source code were accessed or exfiltrated.”

Registration now OPEN for PrivSec Global
Taking place across four days from 30 Nov to 3 Dec, PrivSec Global, will be the largest data protection, privacy and security event of 2020.

Reserve your place today and gain access to the entire event free of charge. With all sessions available to view live or on-demand, you can build a personalised agenda based on your key focus topics and make the event fit around your work schedule.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.