{"id":38595,"date":"2020-12-09T01:14:06","date_gmt":"2020-12-09T01:14:06","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/"},"modified":"2020-12-09T01:14:06","modified_gmt":"2020-12-09T01:14:06","slug":"cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/","title":{"rendered":"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools"},"content":{"rendered":"<p>Cybersecurity corp FireEye has confessed its most secure servers have been compromised, almost certainly by state-backed hackers who then made away with its proprietary hacking tools.<\/p>\n<p>\u201cRecently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack,\u201d a <a target=\"_blank\" href=\"https:\/\/www.fireeye.com\/blog\/products-and-services\/2020\/12\/fireeye-shares-details-of-recent-cyber-attack-actions-to-protect-community.html\" rel=\"noopener noreferrer\">memo<\/a> by its CEO Kevin Mandia on Tuesday read.<\/p>\n<p>The tools stolen are used by FireEye to test their customers\u2019 networks to find potential security holes, making it doubly embarrassing for the tech giant because, presumably, it uses its own tools to make sure its networks are secure. No nation state was named by FireEye though Russian involvement is suspected by the usual <a target=\"_blank\" rel=\"nofollow noopener noreferrer\" href=\"https:\/\/www.washingtonpost.com\/national-security\/leading-cybersecurity-firm-fireeye-hacked\/2020\/12\/08\/a3369aaa-3988-11eb-98c4-25dc9f4987e8_story.html\">anonymous sources<\/a>.<\/p>\n<p>In an effort to save face, Mandia went to some trouble to outline just how good the hackers were and the extraordinary lengths they must have gone to in order to pull down its pants in public, spank it on the bottom, and then run away laughing while FireEye was standing at a lectern telling everyone why they needed to hire the company to protect their networks.<\/p>\n<div class=\"promo_article\"><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/regmedia.co.uk\/2018\/12\/06\/shutterstock_handshake.jpg?x=174&amp;y=115&amp;crop=1\" width=\"174\" height=\"115\" alt=\"handshake\"><\/p>\n<h2 title=\"Flaw variety hipper with snoops than cash-hungry crooks right now\">Roaring trade in zero-days means more vulns are falling into the hands of state spies, warn security researchers<\/h2>\n<p><a href=\"https:\/\/www.theregister.com\/2020\/04\/06\/zero_days_popular_state_hackers_fireeye\/\"><span>READ MORE<\/span><\/a><\/div>\n<p>\u201cI\u2019ve concluded we are witnessing an attack by a nation with top-tier offensive capabilities. This attack is different from the tens of thousands of incidents we have responded to throughout the years,&#8221; he opined.<\/p>\n<p>&#8220;The attackers tailored their world-class capabilities specifically to target and attack FireEye. They are highly trained in operational security and executed with discipline and focus. They operated clandestinely, using methods that counter security tools and forensic examination. They used a novel combination of techniques not witnessed by us or our partners in the past.\u201d<\/p>\n<p>FireEye didn\u2019t say exactly when it noticed the hack but noted it had already run an analysis with the FBI and Microsoft and concluded that it \u201cwas the work of a highly sophisticated state-sponsored attacker utilizing novel techniques.\u201d The FBI confirmed as much in its own brief statement.<\/p>\n<h3 class=\"crosshead\"> <span>Red Team red teamed<\/span><br \/>\n<\/h3>\n<p>As for hacking tools stolen, Mandia said: \u201cWe have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers\u2019 security. These tools mimic the behavior of many cyber threat actors and enable FireEye to provide essential diagnostic security services to our customers.\u201d<\/p>\n<p>Fortunately none of those tools contain zero-day exploits, at least according to FireEye, and it said it has yet to detect the tools being used elsewhere. It has published ways to detect its own tools being used, as well as <a target=\"_blank\" href=\"https:\/\/github.com\/fireeye\/red_team_tool_countermeasures\" rel=\"noopener noreferrer\">countermeasures<\/a>, so others can keep an eye out for the misuse of its software. One imagines that means FireEye will have to come up with new tools for performing penetration tests for customers, otherwise its clients&#8217; IT teams could detect and thwart them quite easily from these countermeasures.<\/p>\n<p>\u201cWe are not sure if the attacker intends to use our Red Team tools or to publicly disclose them,\u201d he noted. \u201cNevertheless, out of an abundance of caution, we have developed more than 300 countermeasures for our customers, and the community at large, to use in order to minimize the potential impact of the theft of these tools.\u201d<\/p>\n<p>If the stolen tools are leaked, the impact could still be significant. Would-be hackers could use the pilfered tech to hone their evasion and exfiltration techniques and exploits to ensure they aren\u2019t detectable by FireEye&#8217;s code, and so greatly increase the chances of successfully breaking in others\u2019 networks.<\/p>\n<p>Publicly listed company FireEye, worth around $3.5bn, is often the company called in to deal with massive security breaches &#8211; it dealt with both the Sony and Equifax hacks \u2013 and it goes to significant lengths to protect its tools, making their loss that much worse.<\/p>\n<h3 class=\"crosshead\"> <span>Owned goal<\/span><br \/>\n<\/h3>\n<p>As to the goal of the hack, FireEye says it \u201cprimarily sought information related to certain government customers\u201d and noted that \u201cwhile the attacker was able to access some of our internal systems, at this point in our investigation, we have seen no evidence that the attacker exfiltrated data from our primary systems that store customer information from our incident response or consulting engagements, or the metadata collected by our products in our dynamic threat intelligence systems.\u201d<\/p>\n<p>So, you know, not a big deal at all. In fact, it\u2019s absolutely fine and FireEye is only going to get bigger and stronger as a result, Mandia shakily insisted: \u201cWe have learned and continue to learn more about our adversaries as a result of this attack, and the greater security community will emerge from this incident better protected. We will never be deterred from doing what is right.\u201d<\/p>\n<p>The company published the chief exec&#8217;s note, and a related SEC filing, just minutes before the stock market closed. Its share price has fallen by more than seven per cent in after-hours trading. \u00ae<\/p>\n<p> READ MORE <a href=\"https:\/\/go.theregister.com\/feed\/www.theregister.com\/2020\/12\/09\/fireeye_tools_hacked\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Not a great look Cybersecurity corp FireEye has confessed its most secure servers have been compromised, almost certainly by state-backed hackers who then made away with its proprietary hacking tools.\u2026 READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":38596,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-38595","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-09T01:14:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"174\" \/>\n\t<meta property=\"og:image:height\" content=\"115\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools\",\"datePublished\":\"2020-12-09T01:14:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/\"},\"wordCount\":840,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/\",\"name\":\"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg\",\"datePublished\":\"2020-12-09T01:14:06+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/12\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg\",\"width\":174,\"height\":115},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/","og_locale":"en_US","og_type":"article","og_title":"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-12-09T01:14:06+00:00","og_image":[{"width":174,"height":115,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools","datePublished":"2020-12-09T01:14:06+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/"},"wordCount":840,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/","url":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/","name":"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg","datePublished":"2020-12-09T01:14:06+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/12\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools.jpg","width":174,"height":115},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/cybersecurity-giant-fireeye-says-it-was-hacked-by-govt-backed-spies-who-stole-its-crown-jewels-hacking-tools\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Cybersecurity giant FireEye says it was hacked by govt-backed spies who stole its crown-jewels hacking tools"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38595","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=38595"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/38595\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/38596"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=38595"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=38595"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=38595"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}