Chinese spies used code developed by America’s NSA
Chinese spies used code first developed by the United States National Security Agency to support their hacking operations, Israeli researchers said on Monday, providing yet another example of how malicious software developed by governments can backfire on its creators.
Check Point Software Technologies, based in Tel Aviv, published a report stating that some features in a piece of China-linked malware dubbed “Jian” were so similar to National Security Agency break-in tools leaked to the internet in 2017 that they could only have been stolen from them.
Check Point’s head of research, Yaniv Balmas, described Jian as a “kind of copycat, a Chinese replica.”
The NSA refused to comment. Requests for comment were not returned by the Chinese Embassy in Washington.
According to a source familiar with the situation, Lockheed Martin Corp., which is credited with discovering the vulnerability exploited by Jian in 2017, discovered it on the network of an unidentified third party.
The software appears to have been crafted in 2014, at least two years before the “Shadow Brokers” made their debut.
That suggests the NSA has repeatedly lost control of its own malware over the years. Check Point’s report could be a cautionary tale for spymasters weighing whether to keep software flaws secret.