According to announcements by the National Security Agency (NSA), the Federal Bureau of Investigation (FBI) and the US Cybersecurity Agency CISA, the hacker efforts have been ongoing since September.
JetBrains is a company that was founded in Prague in 2000 by three Russian programmers and that has acquired more than 1000 employees over the next twenty years.
According to the Americans, the Russians are using the gained access to take steps to ensure permanent access to compromised systems. ČTK is trying to get a statement from JetBrains.
The new US warning concerns a program called TeamCity, which is used by software developers in their work. JetBrains said in mid-September that it had come up with a “patch” for the exposed vulnerability that limited Russian intelligence capabilities.
For affected organizations that did not immediately apply the mentioned update or take other measures, US investigators recommend that they expect a breach of their systems and start a “threat search”.
The NSA, FBI and CISA have so far identified a “limited number” of victims. After systems are breached, they say hackers strengthen their privileges, create “backdoors” and take other steps to create long-term access to the networks in question. But JetBrains denied any connection to large-scale attacks.