Source codes of Microsoft products have been offered for sale on the relevant black market channels by people who are supposed to be behind the SolarWinds hack. Above all, this could serve as a distraction.
For a file that should contain a total of 2.6 gigabytes with various data from Microsoft, you want a proud $600,000. This should contain larger parts of the Windows sources as well as various other repositories from the Redmond stock. The providers came into their possession when they gained access to the software company’s systems a few weeks ago through the SolarWinds hack.
But there are also various other packages on offer. A collection of source codes for various Cisco products, including an internal bug tracker, is also offered, and here too they want to get at least $500,000. There are also a few smaller packages. For a million dollars, there is even said to be a low collective price for all stolen data.
Offer hardly profit-oriented
In the SolarWinds hack, attackers succeeded in infiltrating widely used network management software. This gave them access to the IT infrastructures of numerous large companies that use the products of the manufacturer SolarWinds to control their systems. It is therefore quite possible that the packages offered actually contain the information described.
The security researcher Jake Williams, who reported on the offers, nevertheless warned against taking them too seriously. From his point of view, these are primarily smoke candles. Behind the hack is probably the ShadowBrokers group, which has also carried out various other actions. However, their driving force is less profit. Therefore, the offer is more likely to serve as a source of confusion in order to hinder the investigation into the incident.