FireEye hasn't identified suspects, but the mainstream media, including Wall Street Journal and the New York Times, alleged that the hackers were from Russia.
“Recently, we were attacked by a highly sophisticated threat actor, one whose discipline, operational security, and techniques lead us to believe it was a state-sponsored attack,” the company said in a statement. “During our investigation to date, we have found that the attacker targeted and accessed certain Red Team assessment tools that we use to test our customers’ security.”
It explained that these tools mimic the behavior of cyber threat actors and enable to provide essential diagnostic security services to customers.
In addition, the company has seen no evidence of attackers using its stolen tools, but “out of an abundance of caution” has developed more than 300 countermeasures for customers and the community at large.