Chinese spies use code developed by the US National Security Agency to aid their hacker activities on Feb. 22, Israeli researchers said.
Software engineering company Checkpoint, based in Tel Aviv, Israel, says some features in the malware, known as “Jian”, are very similar to some of the National Security Agency’s hacking tools. US family (NSA).
The software “Jian” is believed to be related to China, and the NSA tool leaked on the Internet in 2017.
Checkpoint research suggests that such a high level of similarity is only possible because the software stole code from NSA tools.
Yaniv Balmas, Checkpoint’s head of research, calls Jian “a fake, a Chinese-made replica”.
The NSA currently declined to comment. The Chinese Embassy in Washington did not respond to a request for comment, according to Reuters.
Mr. Balmas said that from the above study, it is possible to learn for security agencies that the vulnerability in software should not be used for its own purposes, but rather to fix it.
“Perhaps it’s more important to fix it and save the world. Because it can be used against you, “Mr. Balmas said.
Countries around the world that develop malware get into a competitor’s device by taking advantage of a vulnerability in this software.
Every time a spy discovers a new vulnerability, they have to decide whether to exploit it secretly or not, or fix the problem to stop an adversary or insider.
This dilemma came to the fore between 2016 and 2017. At that time, a mysterious group calling itself “Shadow Brokers” published some of the most dangerous NSA codes on the Internet. From there, cybercriminals and rival nations can use them as their own weapons.