A nightmare scenario became reality for Virginia-based Mandiant Security and one of its employees, Adi Peretz, after hackers spent a year inside their network.
Peretz, who works as a Senior Threat Intelligence Analyst, has become the victim of “Operation #LeakTheAnalyst,” and appears to be collateral damage in a backlash against the legitimate security industry. The hackers dumped the contents of his email inbox, as well as several internal Mandiant and FireEye documents.
The dump is a treasure trove of hugely sensitive internal information. Included are network topologies, threat intelligence profiles for the Israeli Defence Forces, and company worksheets.
Mandiant primarily focuses on digital forensics.
The hackers have leaked nearly 32 megabytes of data—both personal and professional—belonging to Peretz on Pastebin as proof.
Wow. Mandiant hacked and internal data + customer data stolen? https://t.co/WFDqeuT13x
— Rickey Gevers (@UID_) July 31, 2017
The hackers also broke into his LinkedIn profile and defaced it.
Hackers dumped very sensitive information about him, including:
- Peretz’s contacts
- Screenshots of the Windows Find My Device Geolocator, linked to Peretz’s Surface Pro laptop
- Client correspondence
- Contents of his email inbox
- Peretz’s Microsoft account login details
- Threat intelligence profiles for the Israeli Defence Force (IDF)
- Several internal Mandiant and FireEye documents
At the bottom of the Pastebin leak, they wrote:
Nobody understands the amount of dedication it takes to break into a highly secured network, to bypass every state of the art security measure installed to make a targeted network unbreakable, to code and hack not for the money but for the pleasure of being somewhere no one can be in, to be addicted to pain. From time to time there is a know-it-all security professional tries to read your sick mind and blow your breach plan up to hell. For a long time we – the 31337 hackers – tried to avoid these fancy ass “Analysts” whom trying to trace our attack footprints back to us and prove they are better than us. In the #LeakTheAnalyst operation we say fuck the consequence let’s track them on Facebook, Linked-in, Tweeter, etc. let’s go after everything they’ve got, let’s go after their countries, let’s trash their reputation in the field. If during your stealth operation you pwned an analyst, target him and leak his personal and professional data, as a side job of course ;).