‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak

Uploaded on 2019-05-17 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--USA, TECHNOLOGY--Hackers

Chinese spies obtained NSA cyber weapons more than a year before they were leaked by the Shadow Brokers group in one of the most high-profile hacks of the last decade, it has been alleged.

Researchers at Symantec claimed that the Buckeye group, which is believed to be made up of Chinese intelligence agents, used the weapons to launch attacks on targets in Europe and Asia at least 12 months before they came into the public domain.

In a blog post, Symantec’s investigation team noted that variants of the tools used by Buckeye “appear to be different from those release by Shadow Brokers, potentially indicating that they didn’t originate from that leak”. Instead, Symantec’s researchers believe the tools could have been analysed and repurposed if they were used by the NSA to launch attacks on Chinese targets, the New York Times reported.

Organisations in Hong Kong, Vietnam, the Philippines, Belgium and Luxembourg are among those to have been targeted by Buckeye using the NSA’s stolen weapons, according to Symantec.

In November 2017, three alleged members of the Buckeye group were indicted in the United States for hacking three companies for “commercial advantage”. They were accused by the US Department of Justice of computer hacking, theft of trade secrets, conspiracy and identity theft in a campaign against organisations in the financial, engineering and technology industries. Buckeye had gone quiet in the months before the indictments were issued.

“While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018,” said Symantec’s researchers. “It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed.”

The authors added: “All zero-day exploits known, or suspected, to have been used by this group are for vulnerabilities in Internet Explorer and Flash.”

New Statesman:         Symantec

You Might Also Read: 

Who Are The Shadow Brokers?:

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

 

 

« AI In Cyber Security Is Worth Almost $5B
Verizon 2019 Data Breach Report »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

JumpCloud

JumpCloud

JumpCloud's Directory-as-a-Service (DaaS) is the single point of authority to authenticate, authorize, and manage the identities of a business’s employees and the systems and IT resources they need.

Micro Focus

Micro Focus

Micro Focus is one of the world’s largest enterprise software providers. We deliver trusted and proven mission-critical software that keeps the digital world running.

Oppida

Oppida

Oppida provides tailored IT security services to help you identify security gaps and assist in finding the most effective remediation.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

Lineal Services

Lineal Services

Lineal supports clients in meeting their digital forensics, cyber security and eDiscovery needs by providing bespoke solutions to complex problems.

ProSearch Partners

ProSearch Partners

ProSearch Partners are national talent acquisition specialists exclusively focussing on Technology and Digital talent including Cybersecurity, Data Analytics and Execs.

CNS Group

CNS Group

CNS Group provides industry leading cyber security though managed security services, penetration testing, consulting and compliance.

Krypsis

Krypsis

Krypsys is an information security company with a focus on helping you defend your information and data against emerging security threats.

Towerwall

Towerwall

Towerwall offers a comprehensive suite of security services and solutions using best-of-breed tools and information security services.

Graylog

Graylog

Graylog provides answers to your team’s security, application, and IT infrastructure questions by enabling you to combine, enrich, correlate, query, and visualize all your log data in one place.

JFrog

JFrog

JFrog is on a mission to enable continuous updates through Liquid Software, empowering developers to code high-quality applications that securely flow to end-users with zero downtime.

Avancer Corporation

Avancer Corporation

Avancer Corporation is a multi-system integrator focusing on Identity and Access Management (IAM) Technology. Founded in 2004.

Nine23

Nine23

Nine23 are a highly focused cyber security solutions company that defines, builds and manages innovative services, enabling end-users to use technology securely in today’s workplace.

Metrics that Matter (MTM)

Metrics that Matter (MTM)

Metrics that Matter redefines how organizations approach cybersecurity by offering unprecedented insight into the value of their assets to criminals and tailored action plans to protect.

Sublime Security

Sublime Security

Sublime is an adaptive email security platform that combines best-in-class effectiveness with unprecedented visibility and control.