Hackers offer to resell pirated source codes to Microsoft
During the SolarWinds-related computer incident, some Microsoft-owned source codes were hacked.
The American giant Cisco, was also affected by the same incident. Returning to the charge, cybercriminals offer to monetize its Source Codes for money and it is to American companies that they make the proposal for 600,000 U.S. dollars.
This article will also interest you: Cyberattack against SolarWinds
To recaps, we recall that Microsoft, the American digital giant, had been hit hard by a computer attack following the intrusion into the Oracle software of SolarWinds. The cyber attack was blamed on a group of cyber criminals believed to be linked to Russia. On the Microsoft side, it was indeed confirmed a computer attack that allowed cyber criminals to access its source code. But according to the US giant, there is no clear evidence that this access allows cybercriminals to endanger the security of Microsoft's products, as well as microsoft's customer data.
Yet hackers, offer to whom might be interested, data that they have in their possession. And among this data would be a partial source code of Windows, the operating system provided by Microsoft. In addition to this, cyber criminals claim to have source codes for certain products from Cisco and even SolarWinds and security solutions publisher FireEye. As a reminder, the computer attack on SolarWinds was revealed last December. In the days that followed, cybersecurity firm FireEye said it had also been attacked, and that one of the most important tools, the Red Team, was compromised. Subsequently, the security solutions publisher reported that it had observed movements from the computer attack. It would be based on a malware known as Sunburst; malware that has been used to attack private companies and public organizations. This, through the corruption of a management program, Orion of SolarWinds.
On December 31, redmond's firm reported on the cyberattack that hit SolarWinds.As a result, the U.S. company stated that it "detected unusual activity on a small number of internal accounts and upon review, we discovered that an account had been used to view the source code in several source code repositories."
According to Jake Williams, a former NASA hacker and founder of Rendition Infosec, this act of hackers could be aimed at blurring the lines: "One last thought on #solarLeaks: the alleged sale is only for commercially interesting things, not for data of intelligence value. The fact that no intelligence data (Treasury, Trade, etc.) has not been proposed suggests that this could be the real group," read a recent tweet. "A pure play scammer would probably offer alleged data from these organizations as well. It could even take the bait of other intelligence organizations. At these prices, no one buys that commercial data, so I'm still leaning towards an attribution error." Added the latter. It also states that: "The relevance of the phrase "no data having any intelligence value" is just that I don't think most scammers would have thought that (more data announced – more opportunities). I would also expect them to lower prices to a perhaps more reasonable level in the hope of getting someone biting."
"There is no meat on this bone until there are others," he tweeted in his thread. "The only things to take into account are: We have already seen Russian threat actors use this kind of false trail to blur the attribution trails; Don't let yourself be fooled. That's all. That's the whole story," he concludes.
It should be noted that the Shadow Brokers hacker group had already done so. But this time, it was the NSA that the proposal was made to buy back the data stolen during the hacking. Then they looked for the highest bidders. In this case, for example, the hackers had totally told the truth. Their hacking had enabled them to collect sensitive information in 2016. After several negotiations, the hackers simply published a link that allowed anyone interested to access the content of the information they had managed to steal. This information has not failed to shock the IT community. Especially the famous Eternal Blue.
Now access an unlimited number of passwords: