JetBrains, maker of popular development software including the likes of IntelliJ IDEA, WebStorm, Project Rider, the Kotlin language and even the Mono font, are being investigated by the FBI as part of the SolarWinds hack probe according to the New York Times. The product in question targeted in this investigation is their build management solution TeamCity. Please keep in mind, this is just an investigation at this point, there is no guilt established and no indication JetBrains products have been compromised.
From the New York Times article, JetBrains deny any knowledge of a compromise in their software:
JetBrains said on Wednesday that it had not been contacted by government officials and was not aware of any compromise. The exact software that investigators are examining is a JetBrains product called TeamCity, which allows developers to test and exchange software code before its release. By compromising TeamCity, or exploiting gaps in how customers use the tool, cybersecurity experts say the Russian hackers could have invisibly planted back doors in an untold number of JetBrain’s clients.
Government officials are not certain how the compromise of the JetBrains software relates to the larger SolarWinds hacking. They are seeking to learn if it was a parallel way for Russia’s main intelligence agency to enter government and private systems, or whether it was the original pathway for Russian operatives to first infiltrate SolarWinds.
Information on the JetBrains investigation are limited, there is also an extremely short article on Reuters. The extent of the SolarWinds hack continue to grow daily. After the video was published, JetBrains have issued a response to the New York Times article, included in full:
The New York Times has published a story in which they point to JetBrains being under investigation and somehow related to the SolarWinds breach that recently took place.
First and foremost, JetBrains has not taken part or been involved in this attack in any way. SolarWinds is one of our customers and uses TeamCity, which is a Continuous Integration and Deployment System, used as part of building software. SolarWinds has not contacted us with any details regarding the breach and the only information we have is what has been made publicly available. It’s important to stress that TeamCity is a complex product that requires proper configuration. If TeamCity has somehow been used in this process, it could very well be due to misconfiguration, and not a specific vulnerability. Furthermore, security is our top concern and we notify and manage updates transparently in our Security Bulletin.
Secondly, we have not been contacted by any government or security agency regarding this matter, nor are we aware of being under any investigation. If such an investigation is undertaken, the authorities can count on our full cooperation.
We remain open to answering any and all questions regarding this matter and as always are committed to delivering the best possible products and services to our customers.
Thank you
Maxim Shafirov
Chief Executive Officer