US officials say Russian targeting JetBrains servers for potential SolarWinds-style operations

By Raphael Satter
WASHINGTON (Reuters) – U.S. officials say that Russian hackers are targeting servers hosting vulnerable software made by the Czech tech company JetBrains for potential SolarWinds-style espionage operations.

In a statement, the U.S. National Security Agency, the FBI and the cyber watchdog agency CISA accused the hackers, sometimes known as Cozy Bear or APT29, of trying to hijack the servers in a bid to access software developers’ source code, something that could potentially allow them to tamper with its compilation or deployment.

JetBrains did not immediately respond to a request seeking comment. The Prague-based company makes tools commonly used by software developers to build programs and boasts nearly 16 million users, potentially making it an ideal springboard for hackers looking to tamper quietly with programs made by other companies.

APT29 is alleged by Western officials and private cybersecurity companies to act on behalf of Russia’s foreign intelligence agency, the SVR, and is generally considered one of the country’s elite hacking groups.

The U.S. statement said the U.S. and its allies had identified “a few dozen compromised companies” in the United States, Europe, Asia, and Australia. It said the companies had little in common except that they had outdated and vulnerable versions of JetBrains exposed to the internet, suggesting the hacks were “opportunistic in nature and not necessarily a targeted attack.”

It urged companies to update their software.

The statement was co-signed by Britain’s National Cyber Security Centre as well as Poland’s Military Counterintelligence Service and its Computer Emergency Response Team.

(Reporting by Raphael Satter; Editing by Jonathan Oatis and Daniel Wallis)

Disclaimer: This report is auto generated from the Reuters news service. ThePrint holds no responsibilty for its content.