A hacker claims to have stolen Huawei’s internal source code and sold it on an underground cybercriminal forum.
The threat actor has listed Huawei, a Chinese multinational technology company and the world's largest telecommunications equipment manufacturer, as a victim of data theft.
The alleged attacker claims that the data being sold on an underground forum includes source code and internal software development tools used by the telecommunications giant.
The attacker didn’t provide a data sample to prove their claims. The price tag for the extracted dataset was set to $1000.
Cybernews has reached out to Huawei to hear out the company’s position, but a comment has yet to be received.
If the claims prove to be legitimate, the potential impact on the company and its users depends on the scale of the breach and the type of source code components that were compromised.
“Generally, exposed source code could reveal system vulnerabilities which would be useful for the attackers to make more tailored exploits, or it can reveal sensitive internal data related to the company’s systems, such as API keys, and other secrets,” said the Cybernews research team.
The listing appeared on the forum on October 3rd. At the time of writing, the listing's headline has been changed from “Selling” to “Sold,” potentially indicating that it might have been purchased by another threat actor.
Cybernews was not able to independently verify if the dataset was really bought.
Huawei on the radar
In July, Luxembourg suffered a nationwide telecommunications outage caused by a cyberattack reportedly targeting Huawei equipment inside its national telecoms infrastructure.
The outage caused the country’s 4G and 5G mobile networks to go offline for over three hours. Officials expressed concern that many people were unable to contact emergency services, as the backup 2G network became overloaded. Internet connectivity and online banking services were also disrupted.
The conversation on this topic is live. Join in the discussion.
Researchers from a supply chain security firm, Eclypsium, have warned of a surge in malicious scans for old, outdated, and vulnerable network equipment, with threat actors looking for vulnerabilities.
Huawei equipment has topped the list of the most actively scanned routers, with attackers looking for Huawei Home Gateway HG532 devices.
In April, China accused the United States National Security Agency (NSA) of launching "advanced" cyberattacks during the Asian Winter Games in February, targeting essential industries.
The NSA agents were identified as Katheryn A. Wilson, Robert J. Snelling, and Stephen W. Johnson. The three were also found to have "repeatedly carried out cyberattacks on China's critical information infrastructure and participated in cyberattacks on Huawei and other enterprises."
In its blog, Huawei claimed that approximately 1 million cyberattacks occur on Huawei’s IT networks every day.
Huawei has faced ongoing scrutiny from various governments regarding cybersecurity concerns and potential national security risks from the use of the company’s devices.
In 2024, Huawei reported $118.2 billion in its annual revenue.
Unlock more exclusive Cybernews content on YouTube.
Your email address will not be published. Required fields are markedmarked