Friday, May 23, 2025
HomeComputer SecurityHacking Group Fxmsp Claims they Hacked 3 Major US Antivirus Companies

Hacking Group Fxmsp Claims they Hacked 3 Major US Antivirus Companies

Published on

SIEM as a Service

Follow Us on Google News

Fxmsp is a collective of Russian- and English-speaking hackers, they are primarily targeting on highly protected networks to exfiltrate sensitive details from corporate’s and government entities.

The hacking group operating since 2017 and they know for targeting corporate and government networks worldwide.

According to the new report from Advanced Intelligence LLC, the hacker group has stolen “source code related to the companies’ software development and offering to sell it, and network access, for over $300,000.”

- Advertisement - Google News

From 2017 and 2018, the group promotes various data breaches on the dark web markets, they recently developed “credential-stealing botnet capable of infecting high-profile targets to exfiltrate sensitive usernames and passwords,” and their main goal is to focus on secured systems.

Starting this April 24, 2019, the hacking group claims they have hacked three antivirus companies and extracted sensitive source code from antivirus software, AI, and security plugins from the companies.

They also commented that they have analyzed the different companies’ software and assessed their efficiency, reads the AdvIntel report.

Based on the screenshot offered by Fxmsp, they purported to contain 30 terabytes of data, which extracted from the antivirus companies networks and not disclosing the company names.

“The folders seem to contain information about the company’s development documentation, artificial intelligence model, web security software, and antivirus software base code.”

the group offered privately to sell the source code and network access to all three companies for “over $300,000,” Yelisey Boguslavskiy said to Ars Technica.

The actor claimed that antivirus breach research had been their main project over the last six months, Advanced Intelligence researchers said, “Fxmsp is a credible hacking collective that has a history of selling verifiable corporate breaches returning them profit close to USD 1,000,000.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Microsoft Exchange Server Zero-day Flaw Exploit Provide Highest Admin Privilege to Hackers

Microsoft Releases Security Advisory for Privilege Escalation Vulnerability With Exchange Server

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light...

Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage

Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure...

Critical Vulnerability in Netwrix Password Manager Enables Authenticated Remote Code Execution

A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used...

Cityworks Zero-Day Vulnerability Used by UAT-638 Hackers to Infect IIS Servers with Shell Malware

Cisco Talos has uncovered active exploitation of a zero-day remote-code-execution vulnerability, identified as CVE-2025-0994,...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

CefSharp Enumeration Tool Identifies Critical Security Issues in .NET Desktop Applications

Cybersecurity researchers and red teamers, a newly released tool named CefEnum is shedding light...

Russian Hackers Exploit Oracle Cloud Infrastructure to Target Scaleway Object Storage

Russian threat actors have been leveraging trusted cloud infrastructure platforms like Oracle Cloud Infrastructure...

Critical Vulnerability in Netwrix Password Manager Enables Authenticated Remote Code Execution

A critical security vulnerability has been discovered in Netwrix Password Secure, a widely used...