A new leaks site claims to be selling data from Cisco, FireEye, Microsoft and SolarWinds that was stolen via the SolarWinds supply chain attack. The appearance of the leaks website comes just four weeks after cybersecurity firm FireEye discovered and issued a public alert, warning that Texas-based SolarWinds' Orion network monitoring software had been backdoored as part of a sophisticated, monthslong campaign. |
The new leaks website, solarleaks.net, contains a single text file, via which the operator claims to be selling four batches of stolen data from Cisco, FireEye, Microsoft and SolarWinds, with each victim's batch retailing for between $50,000 and $600,000. The site also offers to sell "all leaked data for $1 million," as well as to include an unnamed bonus. Would-be buyers are directed to email "solarleaks@protonmail.com" - an email address registered with ProtonMail, a free, encrypted email service. Emails sent to that address, however, bounced back as being undeliverable. |
As of Wednesday, Mega had removed all four files from its service. But they're likely already circulating via BitTorrent sites for posterity. Additional information posted to the leaks site states that the site isn't including information from any additional victims, but will do so in the future. "We aren't fully done yet and we want to preserve the most of our current access," the site reads. "Consider this a first batch." |