‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak

Uploaded on 2019-05-17 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--USA, TECHNOLOGY--Hackers

Chinese spies obtained NSA cyber weapons more than a year before they were leaked by the Shadow Brokers group in one of the most high-profile hacks of the last decade, it has been alleged.

Researchers at Symantec claimed that the Buckeye group, which is believed to be made up of Chinese intelligence agents, used the weapons to launch attacks on targets in Europe and Asia at least 12 months before they came into the public domain.

In a blog post, Symantec’s investigation team noted that variants of the tools used by Buckeye “appear to be different from those release by Shadow Brokers, potentially indicating that they didn’t originate from that leak”. Instead, Symantec’s researchers believe the tools could have been analysed and repurposed if they were used by the NSA to launch attacks on Chinese targets, the New York Times reported.

Organisations in Hong Kong, Vietnam, the Philippines, Belgium and Luxembourg are among those to have been targeted by Buckeye using the NSA’s stolen weapons, according to Symantec.

In November 2017, three alleged members of the Buckeye group were indicted in the United States for hacking three companies for “commercial advantage”. They were accused by the US Department of Justice of computer hacking, theft of trade secrets, conspiracy and identity theft in a campaign against organisations in the financial, engineering and technology industries. Buckeye had gone quiet in the months before the indictments were issued.

“While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018,” said Symantec’s researchers. “It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed.”

The authors added: “All zero-day exploits known, or suspected, to have been used by this group are for vulnerabilities in Internet Explorer and Flash.”

New Statesman:         Symantec

You Might Also Read: 

Who Are The Shadow Brokers?:

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

 

 

« AI In Cyber Security Is Worth Almost $5B
Verizon 2019 Data Breach Report »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Security Compass

Security Compass

Security Compass, the Security by Design Company, enables organizations to shift left and build secure applications by design, integrated directly with existing DevSecOps tools and workflows.

DKCERT

DKCERT

DKCERT (Danish Computer Security Incident Response Team) handles security incidents on forskningsnettet, the National Research and Education Network (NREN) in Denmark.

ReversingLabs

ReversingLabs

ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

Cimcor

Cimcor

Cimcor’s flagship software product, CimTrak, helps organizations to monitor and protect a wide range of physical, network and virtual IT assets in real-time.

CRI4DATA

CRI4DATA

CRI4DATA's mission is to help organizations build their resilience to cyber risk.

Inavate Consulting

Inavate Consulting

Inavate Consulting are experts in defining and implementing information assurance solutions and governance frameworks. Our ISO27001 consultants are the most experienced in the industry.

Inspira Enterprise

Inspira Enterprise

Inspira Enterprise is a leading digital transformation company with expertise in Cyber Security, Internet of Things (IOT), Blockchain, Big Data & Analytics, Intelligent Automation and Cloud Computing.

InGuardians

InGuardians

InGuardians is an independent information security consulting firm specializing in penetration testing, threat hunting, and hardware hacking.

World Cyber Security Summit

World Cyber Security Summit

World Cyber Security Summit, by Trescon, is a thought-leadership driven platform for CISOs who are looking to explore new-age threats and the technologies/strategies that can help mitigate them.

Cornami

Cornami

Cornami delivers real-time computing on encrypted data sets, which is vital for data privacy and cloud security.

Heartland Business Systems (HBS)

Heartland Business Systems (HBS)

Heartland Business Systems serves commercial, public sector and small to medium business with results-driven and dedicated information technology services.

Forward Global

Forward Global

Forward Global designs and delivers services and technologies to manage digital, economic, and information risks.

ClearSky Cyber Security

ClearSky Cyber Security

ClearSky cyber security provides cyber solutions, focused on threat intelligence services, mainly for the financial sector, critical infrastructure, public sector and the pharma sector.

Lightpath

Lightpath

Lightpath is revolutionizing how organizations connect to their digital destinations by combining our next-generation network with our next-generation customer service.

Evolve Business Group

Evolve Business Group

Evolve is an independently-owned managed network solutions provider, creating bespoke packages for customers globally since 2005.

Shepherd

Shepherd

Shepherd's mission is to empower IT teams with solutions that simplify endpoint management, enhance security, and adapt to the evolving complexities of modern work environments.