Targeting of organizations using JetBrains software
Date of report
  • December 2023
The Dukes, a threat actor associated with the Russian SVR intelligence agency, were detected using a previously undetected vulnerability in TeamCity, a product used to test and exchange software code before releasing it, to gain access to organizations’ networks. The attacks appear to have been opportunistic, as the Dukes targeted any vulnerable network, rather than targeting a certain company or industry.
Suspected victims
  • Software companies, medical device manufacturers, marketing firms, web hosting companies, and information technology companies.
Suspected state sponsor
  • Russian Federation
Type of incident
  • Espionage
Target category
  • Private sector
Victim government reaction
  • Unknown
Policy response
Suspected state sponsor response