Check Point released a report pointing out that some features in the Chinese malware called Jian are very similar to some of the NSA hacking tools that were leaked to the internet in 2017.
Chinese spies used code first developed by the US National Security Agency to support their own hacking operations, another indication of how malware developed by governments can bounce back against their creators.
The company described Jian as a kind of imitation, a Chinese replica.
The discovery comes at a time when some experts argue that American spies should devote more energy to fixing flaws they find in programs rather than developing and spreading malware to exploit them.
Lockheed Martin – which is said to have identified the vulnerability Jian exploited in 2017 – discovered the Chinese malware on the network of an unidentified third party.
“It routinely evaluates third-party programs and technologies to identify vulnerabilities,” Lockheed said in a statement.
Countries around the world are developing malware that infects their competitors’ machines by taking advantage of flaws in the software they run.
And every time spies discover a new flaw, they must decide whether to quietly exploit it or fix the problem to thwart competitors and fraudsters.
The dilemma caught public attention between 2016 and 2017, when a mysterious group calling themselves Shadow Brokers published some of the NSA’s most dangerous code online, allowing cybercriminals and rival nations to add US-made digital hacking tools to their arsenals.
Microsoft suggested in an advisory report published in 2017 that the malware was linked to a Chinese group called Zirconium, which last year was accused of targeting organizations and individuals linked to elections in the United States.
Check Point says Jian was built in 2014, at least two years before Shadow Brokers debuted.
Combined with research published in 2019 by Broadcom-owned cybersecurity firm Symantec about a similar incident, this indicates that the NSA has repeatedly lost control of its malware over the years.