Investing
US officials say Russian targeting JetBrains servers for potential SolarWinds-style operations
© Reuters.
By Raphael Satter
WASHINGTON (Reuters) – U.S. officials say that Russian hackers are targeting servers hosting outdated versions of software made by the Czech tech company JetBrains for potential SolarWinds-style espionage operations.
In a statement, the U.S. National Security Agency, the FBI and the cyber watchdog agency CISA accused the hackers, sometimes known as Cozy Bear or APT29, of trying to hijack the servers in a bid to access software developers’ source code, something that could potentially allow them to tamper with its compilation or deployment.
A similar technique was used to doctor software made by the U.S. software firm SolarWinds (NYSE:), the statement noted. That cyberespionage campaign led to a wave of serious breaches across the government that were discovered in 2019.
In a statement, Prague-based JetBrains said it had fixed the vulnerability affecting its TeamCity collaborative software building tool in September and had been contacting its customers since in the hope of “motivating them to update.”
It said fewer than 2% of TeamCity instances still used unpatched software.
Programs like TeamCity – which help manage other companies’ software building process – can potentially make for ideal springboards for hackers looking to break into many different targets at once.
Securing that kind of sweeping access has been a key priority for APT29, which is alleged by Western officials and private cybersecurity companies to act on behalf of Russia’s foreign intelligence agency, the SVR, and is generally considered one of the country’s elite hacking groups.
The U.S. statement said the U.S. and its allies had identified “a few dozen compromised companies” in the United States, Europe, Asia, and Australia. It said the companies had little in common except that they had outdated and vulnerable versions of JetBrains exposed to the internet, suggesting the hacks were “opportunistic in nature and not necessarily a targeted attack.”
It urged companies to update their software.
The statement was co-signed by Britain’s National Cyber Security Centre as well as Poland’s Military Counterintelligence Service and its Computer Emergency Response Team.
Read the full article here
Zillow: These Are the Top 10 Hottest Housing Markets of 2025
Former Zillow Execs Target $1.3T Market
Automate Applications and Supercharge Your Job Hunt for $39
All the PDF Tools You Need in One Easy-to-Use App
Bank regulator gives BlackRock new deadline on bank stakes, Bloomberg reports By Reuters
5 Things That Could Significantly Impact Your Company in 2025
NFI Group surge after board reshaped with new appointments, chairperson By Investing.com
Microsoft Is About to Begin Job Cuts. Here’s Why.
10 Ways to Make Money As a Graphic Designer
10 Critical Questions to Ask Your Financial Advisor Now
Debt ceiling debate and its effect on the U.S. dollar
Debt ceiling default: Still no deal between parties
Stovall: If the U.S. defaults on its debt, all S&P 500 sectors will likely fall
What China's weaker-than-expected economy could mean for U.S. markets
A ‘Big Short’ investor sees financial disaster brewing in housing markets — again
-
Side Hustles7 days ago5 Things That Could Significantly Impact Your Company in 2025
-
Investing7 days agoNFI Group surge after board reshaped with new appointments, chairperson By Investing.com
-
Side Hustles5 days agoMicrosoft Is About to Begin Job Cuts. Here’s Why.
-
Make Money3 days ago10 Ways to Make Money As a Graphic Designer
-
Make Money4 days ago10 Critical Questions to Ask Your Financial Advisor Now
-
Passive Income6 days ago3 Challenges Entrepreneurs Will Face in 2025
-
Side Hustles6 days agoThe Canadian Media Lawsuit That Could Reshape Tech’s Future
-
Investing5 days agoWhat CMOs Need to Know About AI Adoption in Marketing Teams