Chinese Hackers Stole an NSA Windows Exploit in 2014 (Security News, March 2021)

Check Point has evidence that Chinese hackers stole and cloned an NSA Windows hacking tool years before Russian hackers stole and then published the same tool.
2013: NSA's Equation Group developed a set of exploits including one called EpMe that elevates one's privileges on a vulnerable Windows system to system-administrator level, granting full control.
2014-2015: China's hacking team code-named APT31, aka Zirconium, developed Jian by, one way or another, cloning EpMe.
Early 2017: The Equation Group's tools were teased and then leaked online by a team calling itself the Shadow Brokers.
Around that time, Microsoft cancelled its February Patch Tuesday, identified the vulnerability exploited by EpMe, and fixed it in a bumper March update.
Mid 2017: Microsoft quietly fixed the vulnerability exploited by the leaked EpMo exploit.