FireEye hasn't identified suspects, but the mainstream media, including Wall Street Journal and the New York Times, alleged that the hackers were from Russia.
“Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack,” the company said in a statement. “During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security.”
It explained that these tools mimic the behavior of cyber threat actors and enable to provide essential diagnostic security services to customers.
30 October 2020, 22:35 GMT
FireEye said that it continues the probe in coordination with the Federal Bureau of Investigation and other key partners, including Microsoft, and their initial analysis "supports the conclusion that this was the work of a highly sophisticated state-sponsored attacker utilizing novel techniques.”
In addition, the company has seen no evidence of attackers using its stolen tools, but “out of an abundance of caution” has developed more than 300 countermeasures for customers and the community at large.