Hacker claims to steal source code owned by Nokia

November 7, 2024
Nokia Source Code Hackers Dark Web Data Breach

Nokia is trying to verify if one of its third-party vendors suffered a compromise after a threat actor claimed that it had stolen its source code. The hacker is also trying to sell the alleged data on a dark web forum.

The tech company is aware of the reports regarding the unauthorised individuals who allegedly gained access to its specific third-party contractor data and perhaps Nokia data. The company stated in one of the inquiries that it takes the claim seriously and has already launched a team to investigate the incident.

The company’s investigation has not identified evidence that an attack has impacted any of its systems or data. However, they assured everyone that they would continue to watch the situation actively despite not spotting a potential compromise.

 

A notorious threat actor, IntelBroker, has prompted Nokia to investigate its third-party vendors’ servers.

 

This incident on Nokia comes after the notorious IntelBroker threat actor was announced as claiming to be selling the company’s source code after stealing it from one of its third-party vendors’ servers.

The threat actor explained that it is currently offering a significant collection of Nokia source code that it obtained from a third-party contractor that worked directly with Nokia to assist with the creation of several internal tools.

In addition, IntelBroker reports that the stolen data includes SSH keys, source code, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials.

Furthermore, the threat actor revealed that it got access to the third-party vendor’s SonarQube server using default credentials. This access allowed the attackers to download clients’ Python projects, including Nokia’s.

On the other hand, Nokia has yet to verify these claims despite becoming aware of the nature of the stolen information.

This threat actor first appeared and gained traction in the cybercriminal landscape by hacking DC Health Link. This corporation handles healthcare insurance for household members, personnel, and their families in the United States.

This group is also tied to the attacks on Hewlett Packard Enterprise (HPE) and the Weee! Grocery service.

The legitimacy of the threat actor’s claims remains unverified since the affected company’s investigation has not identified evidence of a hack. Still, potentially affected parties should be wary of this incident as it can cause significant risks if the hacker’s claims are valid.

About the author

Leave a Reply