Hacker group used a unique version of the DoublePulsar backdoor, not the one released by the Shadow Brokers.
A Chinese cyber-espionage group had used NSA malware more than a year before the Shadow Brokers leaked the same exploits online, exposing them to the whole world, according to US cyber-security firm Symantec.
The group, tracked by cyber-security vendors under names such as Buckeye, APT3, Gothic Panda, TG-011, and UPS, became infamous after US authorities charged three hackers in late 2017.
The US alleged that the three men were behind a cyber-security company named Boyusec that was acting as a front for the Chinese Ministry of State Security and had hacked western companies such as Moody's Analytics, Siemens, and Trimble.
The group was considered advanced among the spectrum of Chinese-based and government-backed APTs (advanced persistent threats), having access to its own custom tools and zero-days.
By Catalin Cimpanu.
Full story at ZDNET.