Hackers claim to have infiltrated three US antivirus firms

(Image credit: Pixabay via TheDigitalArtist)

Security researchers say a "high-profile Russian- and English-speaking hacking collective" managed to infiltrate three of the top antivirus firms in the US and steal "sensitive source code" related to the development of AV software and tools. The group is trying to sell the data for $300,000.

The good news for consumers is that this breach had nothing to do with personal data—it doesn't appear that any names, addresses, email addresses, payment info, or any such data was swiped. However, that's where the good news ends.

This breach was all about stealing the code that makes AV software and tools tick. In the wrong hands, that kind of code can be used to find ways of thwarting protections that AV software provides.

According to a security report published by Advanced Intelligence (AdvIntel), the group responsible is called "Fxmsp" and has a long history of selling sensitive information from high-profile global government and corporate entities.

"On April 24, 2019, Fxmsp claimed to have secured access to three leading antivirus companies. According to the hacking collective, they worked tirelessly for the first quarter of 2019 to breach these companies and finally succeeded and obtained access to the companies’ internal networks," AdvIntel says.

"The collective extracted sensitive source code from antivirus software, AI, and security plugins belonging to the three companies. Fxmsp also commented on the capabilities of the different companies’ software and assessed their efficiency," AdvIntel adds.

Screenshots provided by Fxmsp point to 30TB worth of stolen data, among which is information about each company's development documentation, artificial intelligence model, web security software, and antivirus software base code.

AdvIntel did not say which specific AV companies are affected, but did tell Ars Technica that it notified the potential victims through partner organizations and also provided details to law enforcement.

To date, AdvIntel says the "credible hacking collective" has netted a profit in the neighborhood of $1 million from selling previously stolen data.

Paul Lilly

Paul has been playing PC games and raking his knuckles on computer hardware since the Commodore 64. He does not have any tattoos, but thinks it would be cool to get one that reads LOAD"*",8,1. In his off time, he rides motorcycles and wrestles alligators (only one of those is true).
