In late July, a hacker using the online moniker LeakTheAnalyst claimed to have breached FireEye systems. The hacker leaked details allegedly stolen from a compromised system maintained by Adi Peretz, a Senior Analyst at Mandiant.
The hacker leaked a 337MB PST file containing the expert’s emails, along with images of his accounts, including OneDrive, Live and LinkedIn, geo-tracking of personal devices for at least a year, billing records and PayPal receipts.
At that time, the hacker claimed to have launched the #LeakTheAnalyst operation, which aimed at doxing the security analysts who hunt hackers.
“Let’s trash their reputation in the field,” the hacker said. “It was fun to be inside a giant company named “Mandiant” we enjoyed watching how they try to protect their clients and how their dumb analysts are trying to reverse engineer malware and stuff.”
“This leak was just a glimpse of how deep we breached into Mandiant, we might publish more critical data in the future.”
FireEye denied any intrusion into its systems. According to the security firm, the hackers did not hack the company network or Adi Peretz’s personal or corporate computers.
The login credentials used by Peretz were exposed in the past in numerous data breaches, including LinkedIn.
The experts discovered that, in September 2016, the attackers started using the stolen credentials to access several of the victim’s personal online accounts (LinkedIn, Hotmail and OneDrive).
The publicly released documents were obtained from the victim’s personal online accounts, and many of them were already available online.
On Thursday, the alleged hacker was arrested and taken into custody by international police. The news was confirmed by FireEye CEO Kevin Mandia at the company’s Q3 Earnings Results Conference Call on Wednesday.
“These attackers rarely, if ever, get caught… Over my career, I have found it frustrating how little risk or repercussions exist for the attackers, who hide behind the anonymity of the internet to cause harm to good, well-intentioned people,” Mandia said.
“Therefore, I am pleased that, in this case, we were able to impose repercussions for the attacker and achieve a small victory for the good guys.”
Mandia explained that his company had to sink a “tremendous amount of its time and effort into investigating the hacker’s claims.”
(Security Affairs – FireEye, LeakTheAnalyst)