Nokia source code allegedly stolen in third-party cyberattack

Nokia source code allegedly stolen in third-party cyberattack

Nokia source code allegedly stolen in third-party cyberattack

Notorious threat actors have claimed to have stolen data belonging to mobile phone and consumer electronics brand Nokia.

Notorious threat actor IntelBroker, leader of the CyberN—–s threat group, posted on a popular hacking forum claiming to be selling data it had extracted from a third-party Nokia contractor.

“Today, I am selling a large collection of Nokia source code, which we obtained from a third-party contractor who worked directly with Nokia to assist in the development of some internal tools,” the threat actor said.

The data reportedly includes Bitbucket logins, SSH keys, RSA keys, SMTP accounts, encrypted credentials, webhooks, and source code.

As is now common practice at IntelBroker, the threat actor published a sample of the stolen data in the form of a file tree. Being just a text file, it is unclear if any of the threat actor’s claims are real.

IntelBroker has put the data up for sale for $20,000.

According to media reports, Nokia is aware of the claims, but has not yet found any evidence that the incident had any effect on its systems.

“Nokia is aware of reports that an unauthorized actor has allegedly gained access to certain third-party contractor data and possibly Nokia data,” the company said.

“Nokia takes this allegation seriously and we are investigating. To date, our investigation has found no evidence that any of our systems or data have been affected.

“We continue to closely monitor the situation.”

According to Cyber ​​Digest, the breach may have had an impact beyond the company’s immediate systems, stating that the incident affected data from Nokia’s 4G and 5G products, as well as Vodafone Idea Limited (VIL), a major telecom company in India with over 217 million subscribers. .

While IntelBroker did not mention publishing any customer data, the claims made could lead to further data breaches through the use of source code or credentials.

Leave a Reply

Your email address will not be published. Required fields are marked *