Cybernews
  • News
  • Editorial
  • Security
  • Privacy
    • What is a VPN?
    • What is malware?
    • How safe are password managers?
    • Are VPNs legal?
    • More resources
    • Strong password generator
    • Personal data leak checker
    • Antivirus software
    • Best VPN services
    • Password managers
    • Secure email providers
    • Best website builders
  • Follow
    • Twitter
    • Facebook
    • YouTube
    • Linkedin
    • Flipboard
    • Newsletter

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

Our readers help us create quality content. If you purchase via links on our site, we may receive affiliate commissions. Learn more

Home » News » Chinese spyware code was copied from America’s NSA: researchers

Chinese spyware code was copied from America’s NSA: researchers

by Reuters
22 February 2021
in News
0
Chinese spyware code was copied from America’s NSA: researchers
34
SHARES


Chinese spies used code first developed by the U.S. National Security Agency to support their hacking operations, Israeli researchers said on Monday, another indication of how malicious software developed by governments can boomerang against their creators.

Tel Aviv-based Check Point Software Technologies issued a report noting that some features in a piece of China-linked malware it dubs “Jian” were so similar they could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017.

Yaniv Balmas, Checkpoint’s head of research, called Jian “kind of a copycat, a Chinese replica.”

The find comes as some experts argue that American spies should devote more energy to fixing the flaws they find in software instead of developing and deploying malicious software to exploit it.

The NSA declined comment. The Chinese Embassy in Washington did not respond to requests for comment.

A person familiar with the matter said Lockheed Martin Corp – which is credited as having identified the vulnerability exploited by Jian in 2017 – discovered it on the network of an unidentified third party.

In a statement, Lockheed said it “routinely evaluates third-party software and technologies to identify vulnerabilities.”

Countries around the world develop malware that breaks into their rivals’ devices by taking advantage of flaws in the software that runs them. Every time spies discover a new flaw they must decide whether to quietly exploit it or fix the issue to thwart rivals and rogues.

That dilemma came to public attention between 2016 and 2017, when a mysterious group calling itself the “Shadow Brokers” published some of the NSA’s most dangerous code to the internet, allowing cybercriminals and rival nations to add American-made digital break-in tools to their own arsenals.

How the Jian malware analyzed by Checkpoint was used is not clear. In an advisory published in 2017, Microsoft Corp suggested it was linked to a Chinese entity it dubs “Zirconium,” which last year was accused of targeting U.S. election-related organizations and individuals, including people associated with President Joe Biden’s campaign.

Checkpoint says Jian appears to have been crafted in 2014, at least two years before the Shadow Brokers made their public debut. That, in conjunction with research published in 2019 by Broadcom Inc-owned cybersecurity firm Symantec about a similar incident, suggests the NSA has repeatedly lost control of its own malware over the years.

Checkpoint’s research is thorough and “looks legit,” said Costin Raiu, a researcher with Moscow-based antivirus firm Kaspersky Lab, which has helped dissect some of the NSA’s malware.

Balmas said a possible takeaway from his company’s report was for spymasters weighing whether to keep software flaws secret to think twice about using a vulnerability for their own ends.

“Maybe it’s more important to patch this thing and save the world,” Balmas said. “It might be used against you.”

(Reporting by Raphael Satter; Editing by Lisa Shumaker)

Share34TweetShareShare
Next Post
Smart Home on smart phone

Who's hacking your smart home?

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

I agree to the Terms & Conditions and Privacy Policy.

Editor's choice

COMb data leak - Mother of all breaches
News

COMB: largest breach of all time leaked online with 3.2 billion records

by Bernard Meyer
12 February 2021
37

It's being called the biggest breach of all time and the mother of all breaches: COMB, or the Compilation of...

Read more
14 million Amazon and eBay accounts sold online in new leak

14 million alleged Amazon and eBay account details sold online

17 February 2021
The hype around quantum computing: it’s not too early to get in

The hype around quantum computing: it’s not too early to get in

15 February 2021
Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

Facebook phishing campaign that tricked nearly 450,000 users in Germany is now spreading in the UK

15 February 2021
Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

Cyberpunk 2077 maker CD Projekt Red has GWENT source code leaked after ransomware attack

10 February 2021
  • Categories
    • News
    • Editorial
    • Security
    • Privacy
  • Reviews
    • Antivirus Software
    • Password Managers
    • Best VPN Services
    • Secure Email Providers
    • Website Builders
  • Tools
    • Password generator
    • Personal data leak checker
  • Engage
    • About Us
    • Send Us a Tip
    • Careers
  • Twitter
  • Facebook
  • YouTube
  • Linkedin
  • Flipboard
  • Newsletter
  • About Us
  • Contact
  • Send Us a Tip
  • Privacy Policy
  • Terms & Conditions
  • Vulnerability Disclosure

© 2021 CyberNews - Latest tech news, product reviews, and analyses.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy Policy.

Home

News

Editorial

Security

Privacy

Resources

  • About Us
  • Contact
  • Careers
  • Send Us a Tip

© 2020 CyberNews – Latest tech news, product reviews, and analyses.

Subscribe for Security Tips and CyberNews Updates
Email address is required. Provided email address is not valid. You have been successfully subscribed to our newsletter!