Saturday, July 20, 2024

Hacking Group Fxmsp Claims they Hacked 3 Major US Antivirus Companies

Fxmsp is a collective of Russian- and English-speaking hackers, they are primarily targeting on highly protected networks to exfiltrate sensitive details from corporate’s and government entities.

The hacking group operating since 2017 and they know for targeting corporate and government networks worldwide.

According to the new report from Advanced Intelligence LLC, the hacker group has stolen “source code related to the companies’ software development and offering to sell it, and network access, for over $300,000.”

From 2017 and 2018, the group promotes various data breaches on the dark web markets, they recently developed “credential-stealing botnet capable of infecting high-profile targets to exfiltrate sensitive usernames and passwords,” and their main goal is to focus on secured systems.


Starting this April 24, 2019, the hacking group claims they have hacked three antivirus companies and extracted sensitive source code from antivirus software, AI, and security plugins from the companies.

They also commented that they have analyzed the different companies’ software and assessed their efficiency, reads the AdvIntel report.

Based on the screenshot offered by Fxmsp, they purported to contain 30 terabytes of data, which extracted from the antivirus companies networks and not disclosing the company names.

“The folders seem to contain information about the company’s development documentation, artificial intelligence model, web security software, and antivirus software base code.”

the group offered privately to sell the source code and network access to all three companies for “over $300,000,” Yelisey Boguslavskiy said to Ars Technica.

The actor claimed that antivirus breach research had been their main project over the last six months, Advanced Intelligence researchers said, “Fxmsp is a credible hacking collective that has a history of selling verifiable corporate breaches returning them profit close to USD 1,000,000.”

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Also Read:

Microsoft Exchange Server Zero-day Flaw Exploit Provide Highest Admin Privilege to Hackers

Microsoft Releases Security Advisory for Privilege Escalation Vulnerability With Exchange Server


Latest articles

Hackers Claiming Dettol Data Breach: 453,646 users Impacted

A significant data breach has been reported by a threat actor known as 'Hana,'...

CrowdStrike Update Triggers Widespread Windows BSOD Crashes

A recent update from cybersecurity firm CrowdStrike has caused significant disruptions for Windows users,...

Operation Spincaster Disrupts Approval Phishing Technique that Drains Victim’s Wallets

Chainalysis has launched Operation Spincaster, an initiative to disrupt approval phishing scams that have...

Octo Tempest Know for Attacking VMWare ESXi Servers Added RansomHub & Qilin to Its Arsenal

Threat actors often attack VMware ESXi servers since they accommodate many virtual machines, which...

TAG-100 Actors Using Open-Source Tools To Attack Gov & Private Orgs

Hackers exploit open-source tools to execute attacks because they are readily available, well-documented, and...

macOS Users Beware Of Weaponized Meeting App From North Korean Hackers

Meeting apps are often targeted and turned into weapons by hackers as they are...

Hackers Exploiting Legitimate RMM Tools With BugSleep Malware

Since October 2023, MuddyWater, which is an Iranian threat group linked to MOIS, has...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles