‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak

Uploaded on 2019-05-17 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE-Hot Spots-China, INTELLIGENCE--USA, TECHNOLOGY--Hackers

Chinese spies obtained NSA cyber weapons more than a year before they were leaked by the Shadow Brokers group in one of the most high-profile hacks of the last decade, it has been alleged.

Researchers at Symantec claimed that the Buckeye group, which is believed to be made up of Chinese intelligence agents, used the weapons to launch attacks on targets in Europe and Asia at least 12 months before they came into the public domain.

In a blog post, Symantec’s investigation team noted that variants of the tools used by Buckeye “appear to be different from those release by Shadow Brokers, potentially indicating that they didn’t originate from that leak”. Instead, Symantec’s researchers believe the tools could have been analysed and repurposed if they were used by the NSA to launch attacks on Chinese targets, the New York Times reported.

Organisations in Hong Kong, Vietnam, the Philippines, Belgium and Luxembourg are among those to have been targeted by Buckeye using the NSA’s stolen weapons, according to Symantec.

In November 2017, three alleged members of the Buckeye group were indicted in the United States for hacking three companies for “commercial advantage”. They were accused by the US Department of Justice of computer hacking, theft of trade secrets, conspiracy and identity theft in a campaign against organisations in the financial, engineering and technology industries. Buckeye had gone quiet in the months before the indictments were issued.

“While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018,” said Symantec’s researchers. “It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed.”

The authors added: “All zero-day exploits known, or suspected, to have been used by this group are for vulnerabilities in Internet Explorer and Flash.”

New Statesman:         Symantec

You Might Also Read: 

Who Are The Shadow Brokers?:

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

 

 

« AI In Cyber Security Is Worth Almost $5B
Verizon 2019 Data Breach Report »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

GigaOm

GigaOm

GigaOm's mission is to provide enterprises with information and analysis to help them make better decisions about technology.

Yokogawa Electric

Yokogawa Electric

Yokogawa is an electrical engineering company providing measurement, control, and information technologies including industrial cyber security.

Protocol Policy Systems

Protocol Policy Systems

Protocol Policy Systems specialise in IT policy deployment and management systems that deliver compliance and secure computing environments.

Beame.io

Beame.io

Beame.io is an information security company that distributes open source authentication infrastructure based on encryption.

Quorum Cyber

Quorum Cyber

Quorum Cyber offer end-to-end cyber security solutions, specialising in Managed Security Services, Consulting and Resourcing.

Cyberlitica

Cyberlitica

Cyberlitica (formerly iPhish) provides a Workforce Threat Intelligence application that significantly augments companies’ cyber threat prevention efforts.

VXRL

VXRL

VXRL is a Hong Kong-based cybersecurity company. We provide consulting services, penetration testing, and corporate training.

NetNordic Group

NetNordic Group

NetNordic is a Nordic system integrator focusing on solutions and services in the area of networking, smart data centers, cybersecurity, and unified communication.

Evalian

Evalian

Evalian is a data protection services provider. Working with organisations of all sizes, we specialise in Data Protection, GDPR, ISO Certification & Information Security.

PSafe

PSafe

PSafe is a leading provider of mobile privacy, security, and performance apps. We deliver innovative products that protect your freedom to safely connect, share, play, express and explore online.

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

Global Cybersecurity Institute - Rochester Institute of Technology (RIT)

At RIT’s Global Cybersecurity Institute, we educate and train cybersecurity professionals; develop new cybersecurity and AI-based knowledge for industry, academia, and government.

Third Point Ventures

Third Point Ventures

Third Point brings deep technical expertise, a strong network of relationships, and decades of investing experience to add value to our partners throughout their journey from idea to IPO and beyond.

Persistent Systems

Persistent Systems

Persistent Systems are a trusted Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients.

DIGISOC

DIGISOC

DIGISOC, a leader in Latin America in Cybersecurity solutions, combines machine learning with human intelligence to be effective in detecting cyber threats.

NSW IT Support

NSW IT Support

NSW IT Support: Your exclusive hub for comprehensive Business IT services in Sydney. Our skilled team ensures seamless technology solutions nationwide, consistently delivering top-tier IT support.

Merkle Science

Merkle Science

Merkle Science provides next generation risk mitigation, compliance and forensics for crypto-native businesses, DeFi participants, financial institutions & government agencies.