CyberSecurity SEE

Nokia accused of breaching as IntelBroker claims source code theft – The Register

IntelBroker, a well-known peddler of stolen data, has recently claimed to have successfully infiltrated Nokia’s systems and obtained sensitive materials such as source code, private keys, and other confidential information. The cyber criminal made this declaration on Breachforums, a notorious cyber crime message board, where they offered to sell the purportedly stolen data.

According to IntelBroker’s post on the forum, the stolen data includes Nokia’s source code, SSH keys, RSA keys, Bitbucket logins, SMTP account details, and various other credentials. The miscreant also mentioned collaborating with an individual known as EnergyWeaponUser to carry out the heist, stating that the information was acquired from a third-party supplier utilized by Nokia.

The source code and other compromised files were allegedly obtained from a contractor who was directly involved in Nokia’s internal tool development process. The post explicitly states that only serious buyers with forum credentials will be considered for the sale of this stolen data.

Upon examining the list of files provided as evidence of the security breach, it was revealed that a substantial amount of JavaScript, JSON, and PHP documents were among the stolen data. The most sensitive information is being kept under wraps and will only be disclosed to legitimate buyers who meet the seller’s criteria.

Nokia, the Finnish telecommunications company, is currently probing the claims to verify the extent of the security breach. As of now, Nokia has not issued any official statement regarding the incident.

Security experts, including Jim Routh, chief trust officer at Saviynt, have expressed surprise at the reported breach, questioning the involvement of third-party contractors in accessing Nokia’s source code. Routh speculated that the third party may have been a software engineer contributing to Nokia’s software development process.

This isn’t the first time IntelBroker and EnergyWeaponUser have made headlines for their cyber exploits. In October, the duo allegedly breached Cisco’s systems and claimed to have obtained a significant amount of data. Cisco is still investigating the validity of these claims.

The breach of Nokia’s systems is just one among many cyber attacks reported on the Breachforums marketplace, known for hosting illicit transactions on the dark web and surface web. Despite law enforcement’s efforts to shut down the site earlier this year, it resurfaced shortly after.

As the investigation into the Nokia security breach unfolds, cybersecurity experts are closely monitoring the situation to assess the potential impact on the company and its customers. The prevalence of such cyber attacks underscores the ongoing challenges faced by organizations in protecting their valuable data from malicious actors in the digital realm.

Source link

Exit mobile version