Hex-Rays Team had shipped out a message for all its users to mind that information leakage had occurred, some way or another. They have no records on how the attack was carried, but they believe that the attack included a vulnerability in their web interface, which could point on SQLi, RCE or RFI. If no traces were documented or logged it could also be a phishing attack that included account hijack of one of the administrators. We could only guess of course.
The following image was taken from an inbox of one of the IDA users which received the message just yesterday:
Products like IDA are being used widely around the globe by analysts and reverse engineers to analyze binaries. IDA had many uses and has been a leading product for the security industry.
Who even taken part of the campaign to attack Hex-Rays know exactly how much a database of valid licenses of IDA is probably worth in the market.
