Skip to main content

Chinese hackers cloned a Windows security flaw stolen from the NSA

posted onFebruary 23, 2021
by l33tdawg
Wikipedia
Credit: Wikipedia

The investigation into a malware tool being used by Chinese hackers has revealed it to be a copy of software reportedly originally developed by part of the US National Security Agency (NSA).

Security researchers at Check Point Research (CPR) originally thought the tool dubbed Jian was custom built by Chinese threat actors. However further CPR digging revealed that it is a clone of the EpMe software, which was used by the Equation Group, which has long been suspected to operate on the behest of the NSA.

According to ZDNet, CPR notes that "the tool is used after an attacker gains initial access to a target computer -- say, via zero-click vulnerability, phishing email, or any other option -- to give the attacker the highest available privileges, so they could "roam free" and do whatever they like on the already infected computer."

Source

Tags

Industry News

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th