Security News > 2021 > February > Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report
New research has found evidence that a Chinese-affiliated threat group has hijacked a hacking tool previously used by the Equation Group.
"Although we don't show any conclusive evidence that there is there any connection between China and the ShadowBrokers, we do show conclusive evidence that this Chinese group had in their possession a tool that was made by Equation Group, and not only that they had this tool, but they also repurposed it and used it, probably to attack many targets, including American targets," Yaniv Balmas, head of cyber research with Check Point Software, said.
Although we don't show any conclusive evidence that you know, there is there any connection between China and the Shadow Brokers we do show conclusive evidence that this Chinese group had in their possession, a tool that was made by Equation Group, and not only that they had this tool, but they also repurposed it and used it, probably to attack many targets, including American targets.
So the ones that remain open, and the ones that we think are most probable are: One, it is possible, for example, that the Equation Group attacked some Chinese target.
Another possible scenario is that this Chinese group hacked into the Equation Group - I think it's less probable, but still, it is a possibility.
I think the American tool seems to be much more mature, much more elegant in the way it's written.
News URL
https://threatpost.com/chinese-hackers-hijacked-nsa-hacking-tool/164155/
Related news
- US says Chinese hackers breached multiple telecom providers (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Sophos reveals 5-year battle with Chinese hackers attacking network devices (source)
- Sophos Versus the Chinese Hackers (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign (source)
- Chinese hackers target Linux with new WolfsBane malware (source)
- Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries (source)