The incident is being investigated even by experts security have not given much information about the possible carrier of the attack. However, a representative of the US government, but also the FBI, the CISA and the NSA have said that Behind the attack is probably a Russian state hacking group, aimed at stealing cloud data, such as e-mail and files.
Yesterday, the appeared Solarleaks website (solarleaks [.] net), which claims to sell data stolen from Microsoft products, Cisco, FireEye and SolarWinds, during the recent supply chain attack. These companies are confirmed victims of the hack.
According to the site announcement, among other things, it is for sale Microsoft source code and repositories for $ 600.000. Not sure if the site is telling the truth, but the Microsoft products had confirmed that it existed infringement of its source code.
In addition, it is said to be for sale the source code of many Cisco products, as well as the company's internal bug tracker.
For its part, Cisco says it knows what is being written on the SolarLeaks site, but says there is no evidence that the attackers stole its source code.
"Cisco is aware of this site and does not currently have any evidence of copyright theft related to recent events. We are committed to transparency and if we find information that people should know customers we will announce them through our official channels" he said Cisco.
In addition, the site claims that sells for $ 50.000 her private red team tools and source code FireEye (which has also confirmed data theft during the attack).
Finally, SolarLeaks sells SolarWinds source code and data from a customer portal, for $ 250.000.
If anyone is interested in buying The total of data stolen and exposed, will have to pay $ 1 million.
SolarLeaks operators say they will sell the stolen items data and that other files will be exposed later.
The solarleaks.net domain is registered through NJALLA, a well-known registrar used by Russian hacking groups Fancy Bear and Cozy Bear.
As we said above, it is not certain if the site actually sells the data it advertises.
Source: Bleeping Computer