The hacker group named Achilles in the underground hacking forum today claimed that it has broken through the internal networks and infrastructure of major security companies. Achilles offers to sell details for a way in for modest prices between $2,000 and $5,000 based on the value of the target. Achilles seems to prefer to attack security companies in the United States, the main target of this sale is Symantec, McAfee and Trend Micro. However, in addition to the above-mentioned security companies, Komodo, which was founded in the United Kingdom but has offices in the United States, is also listed, and UNICEF is among them.
According to Achilles, they can go directly to the internal networks of Symantec and Comodo, mainly by remote connection via Remote Desktop Protocol. It is unclear whether the passwords for these remote desktop connections are obtained or compromised by brute force attack, but the above-mentioned attack methods have a high probability of being remote desktop connections. In a private conversation, Achilles also told the website BleepingComputer that UNICEF had 3.6 TB of data on a server. In addition to the remote desktop connection, it is unclear whether Achilles has other intrusions, and the hacker organization can provide other evidence after the payment.
When BleepingComputer contacted Symantec, Symantec said there was no evidence that Symantec’s internal network was compromised. Comodo and other companies have not issued an official response on this matter for a while, and Achilles is also a potential target for some commercial companies other than attacking security companies. Achilles has a good reputation in the black market, they also provide a lot of transactions to improve credibility, and also hosted through a hacker forum. However, it is still unclear whether these are provided by Achilles. It is very common to swindle in the black market.