Telecom giant Nokia is currently investigating claims that a hacker has stolen its source code. The claims were made in a post by a threat actor named ‘IntelBroker’ on BreachForums.
In the post, the threat actor stated they are selling a large collection of Nokia source code allegedly obtained from a third-party contractor that worked directly with the telecom firm. This data allegedly also includes Nokia’s proprietary software, SSH keys, RSA keys, BitBucket logins, SMTP accounts, webhooks, and hardcoded credentials. IntelBroker additionally posted a sample tree file to validate their claim.
In an interview with Bleeping Computer, the threat actor claims they gained access to Nokia’s systems through the server of a third-party vendor, SonarQube, using default credentials. This then allowed them to download various Python projects, including those belonging to Nokia.
Nokia has acknowledged these reports and claimed it was taking the allegations seriously. The company is conducting an investigation to determine whether any of its systems or data have been compromised. As of publication, Nokia has not found any evidence of such a breach but continues to monitor the situation closely.
“To date, our investigation has found no evidence that any of our systems or data being impacted,” said Nokia. “We continue to closely monitor the situation.”
Previous breaches claimed by IntelBroker
IntelBroker has been linked to numerous high-profile cybersecurity incidents, including breaches involving DC Health Link, Hewlett Packard Enterprise (HPE), and the Weee! grocery service.
In June 2024, IntelBroker claimed to have breached Apple and stolen source code for internal tools. Around the same time, IntelBroker also targeted AMD, acquiring employee and product information. In May 2024, the hacker claimed responsibility for breaching Europol, an incident later confirmed by the agency.
Last month, Cisco began investigating claims of a data breach after IntelBroker, along with two other threat actors, advertised allegedly stolen company data on a hacking forum. In the same month, Japanese tech giant Casio confirmed a data breach in a ransomware attack. The Underground ransomware group claimed responsibility for the Casio attack, releasing documents they claimed were stolen from the Japanese technology firm’s systems.
Read more: Casio confirms data breach in ransomware attack, personal data stolen
