Chinese researchers accuse NSA of being behind a powerful exploit

Feb 23, 2022 | CYBERSCOOP

A Chinese cybersecurity firm released a report Wednesday that revealed a decade-old exploit allegedly created by a covert hacking group associated with the U.S. National Security Agency.

The report is the first time that a Chinese cybersecurity firm has both attributed a cyberattack to a U.S. hacking group and included technical indicators of compromise.

“It’s a completely different type of report here that seems to mimic Western name-and-shame,” said Winnona DeSombre, fellow at the Atlantic Council and Harvard’s Belfer Center.

Pangu Lab researchers said they first discovered the backdoor in 2013 during an “in-depth forensic investigation of a host in a key domestic department.” The researchers were later able to tie it to “The Equation Group,” a group of hackers said to be affiliated with the NSA, after a group known as “The Shadow Brokers” leaked NSA documents and published hacking files that allegedly belonged to the NSA’s operation.

“The tool is well-designed, powerful, and widely adapted,” the researchers write. “Its network attack capability equipped by 0day vulnerabilities was unstoppable, and its data acquisition under covert control was with little effort.”

Chinese firms have only publicly attributed

