Chinese ‘Buckeye’ hackers used NSA hacking before Shadow Brokers leak – DigitalMunition

Published on May 8th, 2019



Chinese hackers used NSA tools ‘months’ before Shadow Brokers leak

CHINESE HACKERS reportedly repurposed two hacking tools created by the US National Security Agency (NSA) to attack targets in Europe and Asia in 2016. 

That’s according to researchers at Symantec, who claim that hacking groups based in China started using the tools about 14 months before they were leaked by a peculiar group calling itself the Shadow Brokers.

In 2017, Shadow Brokers published several tranches of NSA hacking tools and exploits online, some of which were subsequently used in security breaches around the world, including the WannaCry and NotPetya attacks.

While Shadow Brokers repeatedly claimed to have stolen the tools directly from the NSA via a compromised server, the researchers couldn’t find the evidence to back that up. 

The findings of the investigation by Symantec indicate that the China-based Buckeye group had acquired some of the NSA's tools months before Shadow Brokers started publishing them on the internet.

Buckeye is the codename for Chinese intelligence contractors that work for the Chinese Ministry of State Security. Based in Guangzhou, Buckeye is also known by several other names, including Gothic Panda, APT3, TG-0110, and UPS Team.

According to Symantec, Buckeye acquired the NSA's trove of hacking tools after attacks by the US agency on its systems.

The group altered the tools to create its own versions and then surreptitiously used those tools for several months before they were published by Shadow Brokers.

Attacks were carried out on various educational institutions, scientific research organisations and computer networks in at least five places, including Luxembourg, Belgium, Vietnam, Hong Kong and the Philippines, according to the research.

One attack on a telecom network may have given attackers access to hundreds of thousands of private communications, Symantec claimed.

Symantec's report is the latest evidence to suggest that it is becoming increasingly difficult for the US to keep track of the backdoors it uses to break into adversaries' networks.

The episode also sets off a debate within the cyber-security community over whether US agencies should continue to develop some of the world's most stealthy cyberweapons if they can't keep them under lock.

“We've learned that you cannot guarantee your tools will not get leaked and used against you and your allies,” Eric Chien, a security director at Symantec, told the New York Times. “People come and go. Clearly the tools live on,” he added.
