Chinese Cybersecurity Team Discloses Details of Backdoor Tool of U.S. NSA Equation Group

Published: 2022-02-24 13:24

Image Source: Visual China

BEIJING, February 23 (TMTPOST) — Pangu Lab, a Chinese research team specializing in cybersecurity, has disclosed details of a top-tier backdoor hacking tool of the United States National Security Agency (NSA) Equation Group in a blog post on its official site.

The backdoor codenamed Bvp47, also named “Operation Telescreen” by Pangu Lab, is said to have infiltrated 287 targets in 45 countries and regions including Russia, Japan, Spain and Italy, working as a monitoring tool. The attacks from Operation Telescreen have lasted for over a decade, according to Pangu Lab’s blog post. One victim of the cyberattack operation was used as a jump server for further attacks, Pangu Lab said.

“The tool is well-designed, powerful, and widely adapted. Its network attack capability equipped by 0day vulnerabilities was unstoppable, and its data acquisition under covert control was with little effort,” Pangu Lab said. “The Equation Group is in a dominant position in nation-level cyberspace confrontation.”

The Equation Group, classified as an advanced persistent threat, is a highly sophisticated threat actor suspected of being tied to the Tailored Access Operations (TAO) unit of the United States National Security Agency.

Pangu Lab extracted a set of advanced backdoors during an in-depth forensic investigation of a host in a key domestic department in 2013, from which the lab uncovered Bvp47. The lab cracked the check code to the backdoor and tested the backdoor’s behaviors. The lab concluded that it is a top-tier APT backdoor.

Image Source: Pangu Lab

Pangu Lab’s founder Han Zhengguang said that Operation Telescreen is a top-notch backdoor program that allows the Equation Group to move around and acquire information in cyberspace freely.

Operation Telescreen can attack operating systems such as most Linux versions, AIX, Solaris and SUN. It exhibits an advanced level of code obfuscation, system hiding, and self-destruction design, according to Pangu Lab. The backdoor might have existed for nearly 20 years.

Pangu Lab is owned by cybersecurity service provider Qi An Xin Technology (SHA: 688561), which has a close connection with software company Qihoo 360. Qihoo 360 sold a 22.59% stake to China Electronics Corporation in April 2019.
