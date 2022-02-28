ContributorsPublishersAdvertisers
Public Safety

New Chinese hacking tool found, spurring U.S. warning to allies

By Christopher Bing
Reuters
Reuters
 5 days ago

(Reuters) - Security researchers with U.S. cybersecurity firm Symantec said they have discovered a “highly sophisticated” Chinese hacking tool that has been able to escape public attention for more than a decade.

The discovery was shared with the U.S. government in recent months, who have shared the information with foreign partners, said a U.S. official. Symantec, a division of chipmaker Broadcom, published its research about the tool, which it calls Daxin, on Monday.

“It’s something we haven’t seen before,” said Clayton Romans, associate director with the U.S. Cybersecurity Infrastructure Security Agency (CISA). “This is the exact type of information we’re hoping to receive.”

CISA highlighted Symantec’s membership in a joint public-private cybersecurity information sharing partnership, known as the JCDC, alongside the new research paper.

The JCDC, or Joint Cyber Defense Collaborative, is a collective of government defense agencies, including the FBI and National Security Agency, and 22 U.S. technology companies that share intelligence about active cyberattacks with one another.

The Chinese embassy in Washington did not respond to a request for comment. Chinese officials have previously said China is also a victim of hacking and opposes all forms of cyber attacks.

“The capabilities of this malware are remarkable and would be extremely difficult to detect without this public research,” said Neil Jenkins, chief analytics officer at the Cyber Threat Alliance, a non-profit group that brings together cybersecurity experts to share data.

Symantec’s attribution to China is based on instances where components of Daxin were combined with other known, Chinese-linked computer hacker infrastructure or cyberattacks, said Vikram Thakur, a technical director with Symantec.

Symantec researchers said the discovery of Daxin was noteworthy because of the scale of the intrusions and the advanced nature of the tool.

“The most recent known attacks involving Daxin occurred in November 2021,” the research report reads. “Daxin’s capabilities suggest the attackers invested significant effort into developing communication techniques that can blend in unseen with normal network traffic.”

Daxin’s victims included high-level, non-Western government agencies in Asia and Africa, including Ministries of Justice, Thakur added.

“Daxin can be controlled from anywhere in the world once a computer is actually infected,” said Thakur. “That’s what raises the bar from malware that we see coming out of groups operating from China.”

Romans said he did not know of affected organizations in the United States, but there were infections all around the globe, which the U.S. government was helping to notify.

“Clearly the actors have been successful in not only conducting campaigns but being able to keep their creation under wraps for well over a decade,” said Thakur.

(The story has been refiled to add missing word ‘not’ in paragraph 13)

Comments / 0

Related
Vice

Chinese Cybersecurity Company Doxes Apparent NSA Hacking Operation

Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet. A Chinese cybersecurity company accused the NSA of being behind a hacking tool used for ten years in a report published on Wednesday. The report from Pangu Lab delves into malware that its researchers...
TECHNOLOGY
Reuters

China calls reports on Chinese-Russian coordination on Ukraine 'fake news'

BEIJING, March 3 (Reuters) - The Chinese foreign ministry said on Thursday that reports on Chinese and Russian coordination ahead of Russia's attack on Ukraine are "fake news." Such practices of diverting attention and shifting blame are "despicable", said Wang Wenbin, spokesperson at the foreign ministry, at a regular media...
CHINA
International Business Times

U.S., Allies Target 'Fortress Russia' With New Sanctions, Including SWIFT Ban

The United States and its allies on Saturday moved to block certain Russian banks' access to the SWIFT international payment system in further punishment of Moscow as it continues its military assault against Ukraine. The measures, which will include restrictions on the Russian central bank's international reserves, will be implemented...
FOREIGN POLICY
RELATED LOCAL CHANNELS
State
Washington State
Washington Post

Trump immediately botches what’s happening in Ukraine

If there’s one thing Donald Trump and his allies want you to know about what’s happening in Ukraine right now, it’s that it wouldn’t be happening if he were still in charge. If only he actually knew what was happening. Trump opted to appear on Fox...
POTUS
UPI News

Russian jets intercept U.S. Navy planes, Pentagon says

Feb. 16 (UPI) -- Russian military jets intercepted three U.S. Navy aircraft over the weekend in an "unprofessional" manner, the U.S. military announced Wednesday. U.S. Navy Capt. Mike Kafka, director of Defense Press Operations, said the intercepts happened while the U.S. aircraft were in international airspace over the Mediterranean Sea.
MILITARY
IN THIS ARTICLE
#Hackers#Hacking#Chinese#Symantec#Broadcom#Cisa#Jcdc#Fbi#National Security Agency#The Cyber Threat Alliance
Fox News

North Korea claims it can hit US, 'shake the world' with missile after month of increased testing

North Korea on Tuesday touted its military capabilities, including a missile it claimed could strike the U.S. and "shake the world." "In today's world where many countries waste time dealing with the United States with submission and blind obedience, there’s only our country on this planet that can shake the world by firing a missile with the U.S. mainland in its range," a statement by the Foreign Ministry said, according to Reuters. "There are more than 200 countries in the world, but only a few have hydrogen bombs, intercontinental ballistic missiles, and hypersonic missiles."
MILITARY
americanmilitarynews.com

Russian troops attack and destroy their own troops, tanks

Russian troops attacked other Russian troops early Friday, destroying nine tanks and four armored vehicles in the “friendly fire” incident, according to the Armed Forces of Ukraine. “Just now in the Kiev region, near Severinovka, Russian occupation troops started a fight with… Russian occupation forces. As a result,...
MILITARY
YOU MAY ALSO LIKE
NewsBreak
Public Safety
Country
China
Reuters

Reuters

347K+
Followers
291K+
Post
157M+
Views
ABOUT

Reuters provides award-winning coverage of the day's most important topics, including breaking news, business, finance, politics, sports, and entertainment.

Comments / 0

Community Policy