Security News > 2020 > December > Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools

Cybersecurity corp FireEye has confessed its most secure servers have been compromised, almost certainly by state-backed hackers who then made away with its proprietary hacking tools.

"Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack," a memo by its CEO Kevin Mandia on Tuesday read. The tools stolen are used by FireEye to test their customers' networks to find potential security holes, making it doubly embarrassing for the tech giant because, presumably, it uses its own tools to make sure its networks are secure.

As for hacking tools stolen, Mandia said: "We have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers' security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers."

Fortunately none of those tools contain zero-day exploits, at least according to FireEye, and it said it has yet to detect the tools being used elsewhere.

It's unlikely whoever stole the software from FireEye needs it; they likely have their own tools.

News URL

https://go.theregister.com/feed/www.theregister.com/2020/12/09/fireeye_tools_hacked/