‘Chinese Spies’ Had NSA Cyber Weapons Before The Shadow Brokers Leak

Chinese spies obtained NSA cyber weapons more than a year before they were leaked by the Shadow Brokers group in one of the most high-profile hacks of the last decade, it has been alleged.

Researchers at Symantec claimed that the Buckeye group, which is believed to be made up of Chinese intelligence agents, used the weapons to launch attacks on targets in Europe and Asia at least 12 months before they came into the public domain.

In a blog post, Symantec’s investigation team noted that variants of the tools used by Buckeye “appear to be different from those release by Shadow Brokers, potentially indicating that they didn’t originate from that leak”. Instead, Symantec’s researchers believe the tools could have been analysed and repurposed if they were used by the NSA to launch attacks on Chinese targets, the New York Times reported.

Organisations in Hong Kong, Vietnam, the Philippines, Belgium and Luxembourg are among those to have been targeted by Buckeye using the NSA’s stolen weapons, according to Symantec.

In November 2017, three alleged members of the Buckeye group were indicted in the United States for hacking three companies for “commercial advantage”. They were accused by the US Department of Justice of computer hacking, theft of trade secrets, conspiracy and identity theft in a campaign against organisations in the financial, engineering and technology industries. Buckeye had gone quiet in the months before the indictments were issued.

“While Buckeye appeared to cease operations in mid-2017, the Equation Group tools it used continued to be used in attacks until late 2018,” said Symantec’s researchers. “It is unknown who continued to use the tools. They may have been passed to another group or Buckeye may have continued operating longer than supposed.”

The authors added: “All zero-day exploits known, or suspected, to have been used by this group are for vulnerabilities in Internet Explorer and Flash.”

New Statesman:         Symantec

You Might Also Read: 

Who Are The Shadow Brokers?:

Cyber Criminals Are Catching Up  With Nation-state Hackers:

 

 

 

« AI In Cyber Security Is Worth Almost $5B
Verizon 2019 Data Breach Report »

ManageEngine
CyberSecurity Jobsite
Check Point

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

WIRED

WIRED

WIRED is the magazine about what's next – the people, the trends and the big ideas that will change our lives. Topics covered include cyber security.

aeCERT

aeCERT

aeCERT is the national Computer Emergency Response Team for the United Arab Emirates.

ObjectSecurity

ObjectSecurity

ObjectSecurity is a leader in authorization policy automation. With OpenPMF, you can manage application security policies for access control and auditing.

Thinkst Applied Research

Thinkst Applied Research

Thinkst is an Applied Research company with a deep focus on information security.

Calian Group

Calian Group

Calian is a diverse Canadian company offering professional services in areas including Advanced Technologies, Health, Learning and IT & Cyber Solutions.

Bangladesh Association of Software & Information Services (BASIS)

Bangladesh Association of Software & Information Services (BASIS)

BASIS is the national trade body for Software & IT Enabled Service industry of Bangladesh.

Dice

Dice

Dice is a leading recruitment platform, helping technology professionals manage their careers and employers connect with highly skilled tech talent in specialist areas including cybersecurity.

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions (EPS)

Extreme Protocol Solutions is an industry leading Data Sanitization Software, Hardware and Onsite Service Provider.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

Seedcamp

Seedcamp

Seedcamp identify and invest early in world-class founders attacking large and global markets through disruptive technology in areas including AI, cybersecurity, and Fintech.

Precision Cybertechnologies & Digital Solutions (Precision-Cyber)

Precision Cybertechnologies & Digital Solutions (Precision-Cyber)

Precision-Cyber was founded on the philosophy of state-of-the-art cybersecurity and digital solutions. Our guiding principle is simply that we will provide and secure all your digital needs.

Advania UK

Advania UK

Advania are one of Microsoft’s leading partners in the UK, specialising in Azure, Security, Dynamics 365 and Microsoft 365.

PowerDMARC

PowerDMARC

PowerDMARC is a domain security and email authentication SaaS platform that helps organizations protect their domain name, brand, and emails against unauthorized use.

Enaviya Information Technologies

Enaviya Information Technologies

Enaviya offer a comprehensive set of manual and automated software testing services adhering to standard quality assurance for best practices and processes.

EH1-Infotech Cybersecurity

EH1-Infotech Cybersecurity

EH1-Infotech Cybersecurity is a company dedicated to providing structured, enterprise-grade cybersecurity services to B2B clients - including startups, SaaS platforms, and mid-sized organizations.