STE WILLIAMS

Hackers have leaked files amid claims they broke into the network of incident response firm FireEye/Mandiant. The firm has denied this.

The hackers, who branded their attack campaign “Op #LeakTheAnalyst” claimed in a preface to their PasteBin dump that they had “breached [Mandiant’s] infrastructure” and alleged that Mandiant’s internal networks and its clients’ data had been compromised.

However, independent analysts, based on initial analysis, said no evidence of any compromise beyond the unconfirmed breach of a single machine had been provided this far.

Ido Naor, a researcher at Kaspersky Lab, commented: “Only one workstation seems to be infected during ‪#leakTheAnalyst‬. Dump does not show any damage to core assets of ‪Mandiant‬.”

Researcher Hanan Natan‏ agreed: “The current ‪#leakTheAnalyst‬ dump doesn’t contain any [proof] that they compromised the ‪Mandiant‬ networks.‬”

In response, FireEye put out a preliminary statement blaming the whole thing on a social media leak.

We are aware of reports that a Mandiant employee’s social media accounts were compromised. We immediately began investigating this situation, and took steps to limit further exposure. Our investigation continues, but thus far, we have found no evidence FireEye or Mandiant systems were compromised.

®

Sponsored:
The Joy and Pain of Buying IT – Have Your Say

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2017/07/31/mandiant_fireeye_leak/