Scumbag puts ‘stolen’ Nokia source code, SSH and RSA keys, more up for sale

Scumbag puts 'stolen' Nokia source code, SSH and RSA keys, more up for sale

November 5, 2024 at 07:09PM

IntelBroker has claimed to have stolen sensitive data from Nokia, including source code and credentials, allegedly obtained from a third-party contractor. Posting on Breachforums, they seek serious buyers for the data. Nokia is investigating the incident, raising concerns about third-party access to its internal materials.

### Meeting Takeaways on Nokia Data Breach Incident

1. **Incident Overview**: IntelBroker has claimed to have stolen sensitive materials from Nokia, including source code, private keys, and user credentials. This information was reportedly collected from a third-party supplier associated with Nokia.

2. **Details of the Breach**:
– The stolen items for sale include:
– Nokia’s source code
– SSH keys
– RSA keys
– Bitbucket logins
– SMTP account details and credentials
– Sample data includes JavaScript, JSON, and PHP files, although more sensitive information is reserved for potential buyers.

3. **Perpetrators**: The breach was orchestrated in collaboration with an individual named EnergyWeaponUser. This marks the second significant data breach claim by the duo within a month, having previously targeted Cisco.

4. **Investigation**: Nokia is currently investigating the claims to determine whether a significant cyber intrusion has occurred. No official comments from Nokia have been made as of the publication date.

5. **Expert Analysis**: Cybersecurity expert Jim Routh expressed concern over the breach, questioning why a third party had access to Nokia’s source code, suggesting it could be linked to developers involved in the software build process.

6. **Marketplace Context**: The breach is part of a larger trend of data sales on the Breachforums marketplace, which continues to operate despite law enforcement efforts to shut it down.

7. **Action Items**:
– Monitor the investigation progress by Nokia.
– Assess the implications of the breach on Nokia’s operations and security posture.
– Explore additional preventive measures against third-party access vulnerabilities.

Full Article

By proceeding you understand and give your consent that your IP address and browser information might be processed by the security plugins installed on this site.
×