Chinese spies 'used US hacking tools a year before Russians leaked them online'
A cyber espionage group that was tied to the Chinese government was reportedly using American tools to spy on Beijing's targets.
Tuesday 7 May 2019 18:07, UK
Chinese spies were using hacking tools developed by the US a year before they were leaked online by a group linked to Russian intelligence, it has been claimed.
The hijacking of the US tools was uncovered by cyber security firm Symantec, which uses codenames for the groups involved and, for commercial reasons, does not itself accuse states of sponsoring them.
Dick O'Brien, a threat researcher at Symantec, told Sky News that the main purpose of the tools used by the Chinese hackers - known as Buckeye - was to facilitate spying.
Mr O'Brien explained that the malware code used by Buckeye was "essentially the same" as the code used by the US National Security Agency, known as the Equation Group.
Symantec's threat researcher said: "It's virtually impossible that two groups would have independently developed the same software, unbeknownst to each other."
Hacking tool code is typically among the most highly classified material that intelligence agencies possess, although it can be captured and copied when it is sent to infect targets' computers.
Mr O'Brien explained that there were several possible explanations as to how the Chinese hackers could have obtained these hacking tools a year before they were scandalously leaked online.
"Buckeye may have observed an Equation Group attack and engineered its own versions of the tools from artefacts found in either their own or another party's captured network traffic.
"Alternatively, Buckeye could have obtained the tools by gaining access to an unsecured or poorly secured Equation Group server.
"A third possibility is that a rogue Equation Group member or associate leaked the tools to Buckeye."
The way in which the Chinese hackers could have obtained the tools is of interest, as the loss of those tools caused great damage and embarrassment when they were leaked online in 2017.
The group that leaked these tools, calling itself the Shadow Brokers, first appeared in 2016, and would later be tied to Russian intelligence.
The group claimed it had access to 75% of the US cyber arsenal, which it offered to auction to the highest bidder, and subsequently released some of the hacking tools for free to prove that it possessed them.
One of these tools would later be used in the WannaCry attack by North Korea, which crippled the computer systems of the NHS in the UK.