SolarLeaks Selling Alleged Source Code from Microsoft, Cisco | Avast
Various sensitive source codes belonging to Microsoft, Cisco, FireEye, and network management company SolarWinds are allegedly for sale on a website called SolarLeaks. The site was launched this week, about a month after a cyberattack on SolarWinds that led to a supply chain attack impacting 18,000 customers.
The SolarLeaks website claims the data for sale is that which was stolen in the attack. The asking prices are rather high, with the Microsoft source code selling for $600,000, source code for multiple Cisco products selling for $500,000, private red team tools and source code from FireEye selling for $50,000, and the SolarWinds source code bundled with customer portal data selling for $250,000. The sellers are also offering a package deal to anyone who wants all of it – the asking price is a neat and tidy one million dollars.
Bleeping Computer reported that it’s still unclear whether or not the site is legitimate. Cisco issued a statement that there is no evidence their source code was stolen in the SolarWinds attack. “There is no proof that this is real or not,” commented Avast Security Evangelist Luis Corrons, though he added, “It makes sense that the attackers want to make extra money on their attack, and given the profile of the victims they surely have some sort of valuable information.” When Bleeping Computer tried to contact the SolarLeaks seller, the email was bounced back with an error saying the seller’s email address didn’t exist. The SolarLeaks site is registered through NJALLA, a registrar known to be popular among Russian hacking groups.
Poor security allowed hackers to steal Parler data
A group of hackers successfully scraped and archived 99% of the publicly available data on the currently defunct unmoderated “free speech” platform Parler in the hours before it went offline. Rumors began spreading that it must have been a sophisticated attack, but the opposite is true. According to Wired, security protecting the platform was virtually nonexistent. The site was shut down by host Amazon Web Services due to its key role in fomenting the violent insurrection at the U.S. Capitol. Spokespeople for Parler vow it will return within a week. To learn the reasons the hackers downloaded all the Parler data, see our report in the Avast blog. And to learn more about the site’s beginnings and what could possible be next, check out our deep dive into the history of Parler.
Garry Kasparov urges Americans to stand up for democracy
In an opinion piece for CNN this week, the Renew Democracy Initiative chairman Garry Kasperov argued that the battle in the United States against anti-democratic extremism is far from over. Garry strongly feels that those responsible for the siege on the U.S. Capitol should be persecuted to the full extent of the law, including the leadership that incited the attack. Garry urges a dispassionate carrying out of justice for those lawbreakers and warns against any light touches in the name of unity. He likens the current state of the U.S. to that of the fallen Soviet Union in the late ‘90’s, when the country chose to forgive the atrocities of the KGB in the name of unity and elected former KGB lieutenant colonel Vladimir Putin as its leader. “It was the last meaningful election we ever had,” said Garry, adding, “America should not make a similar mistake.”
Cryptocurrency hacks net billions in 2020
Using today’s values, researchers calculated that cryptocurrency scams and hacks throughout 2020 netted $3.78 billion for cybercriminals. ZDNet reported that researchers discovered there were 122 attacks through the year, hitting 3 main areas – the Ethereum platform, cryptocurrency exchanges, and blockchain wallets. The wallets were the most lucrative targets, adding up to over $3 billion in losses (at today’s values). Some see good news in the fact that blockchain wallet attacks were actually down 8% in 2020 from 2019, and experts believe the downward trend will continue in 2021.
This week’s ‘must-read’ on The Avast Blog
We’re excited to announce that we’re launching a new series, Avast Hacker Archives, that uncovers the “Aha!” moments that hackers and researchers have had over the course of their careers. Jaya Baloo, Avast CISO and the host of the series, will be chatting with renowned security experts about their backgrounds, education, and toughest and funniest hack stories and projects — nitty-gritty and technical details included.
*** This is a Security Bloggers Network syndicated blog from Blog | Avast EN authored by Avast Blog. Read the original post at: https://blog.avast.com/solarleaks-selling-alleged-source-code-from-microsoft-cisco-avast