13 January 2021

SolarLeaks website offers data allegedly stolen in SolarWinds hack


SolarLeaks website offers data allegedly stolen in SolarWinds hack

A website named SolarLeaks emerged online claiming to sell data stolen from companies that have been breached in recent SolarWinds supply-chain attacks, including Microsoft, FireEye, Cisco and SolarWinds. In a joint statement, the FBI, CISA, and the NSA said that this hack was likely carried out by a Russian state-sponsored threat group whose goal was to steal cloud data like emails and files from compromised organizations.

Now, a website appeared online that is offering for sale data allegedly stolen from Microsoft, FireEye, Cisco and SolarWinds. The SolarLeaks website operators claim to be selling Microsoft source code and repositories for $600,000 (last month, the company confirmed that the SolarWinds hackers got access to its source code), as well as Cisco’s multiple products source code and internal bug tracker ($500,000), SolarWinds’ products source code (all including Orion) and customer portal dump ($250,000), and FireEye’s private RedTeam tools, source code, binaries and documentation ($50,000).

Those who interested in all leaked data can buy it for $1 million.

In a recent update Cisco said it is aware of the SolarLeaks website, however, the company said that it “has no evidence at this time of any theft of intellectual property related to recent events.”

According to Bleeping Computer, the solarleaks.net domain is registered through NJALLA, a registrar often used by Russia-linked threat actors Fancy Bear and Cozy Bear.


Back to the list

Latest Posts

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

FBI warns of ongoing vishing attacks seeking to steal corporate credentials

Cybercriminals use VoIP platforms to target company employees.
19 January 2021
IObit forum hacked in a DeroHE ransomware attack

IObit forum hacked in a DeroHE ransomware attack

It is unknown, how the hackers managed to compromise the forum, but it is possible that they gained access to an administrative account.
19 January 2021
OpenWrt Project discloses data breach

OpenWrt Project discloses data breach

The hackers gained access to an administrator account on the OpenWrt forum and stole a copy of the user list.
19 January 2021
0 дней, 0 часов, 2 минуты, 47 секунд142 дня, 21 час, 21 минута, 18 секунд