Chinese reports expose details of cyberattacks by U.S. security agency – Xinhua

BEIJING, Sept. 13 (Xinhua) -- China on Tuesday released investigative reports disclosing details of cyberattacks on a Chinese university launched by the U.S. National Security Agency (NSA).

According to China’s National Computer Virus Emergency Response Center (CVERC), 41 types of cyber weapons were used by the NSA-affiliated Tailored Access Operations Office (TAO) in the recently disclosed cyberattacks against Northwestern Polytechnic University in China.

Among them, the sniffing and stealing cyber weapon “Suctionchar” is one of the most direct culprits that led to the theft of a large amount of sensitive data, CVERC said.

Being highly stealthy and adaptable to the environment, “Suctionchar” can steal accounts and passwords of a variety of remote management and file transfer services from target servers, according to the report released by CVERC in collaboration with cybersecurity company Beijing Qi’an Pangu Laboratory Technology Co., Ltd.

Technical analysis shows that “Suctionchar” can work effectively with other NSA-deployed cyber weapons, CVERC said, citing cybersecurity experts.

“Suctionchar” can be delivered by TAO to target servers using the “Acid Fox” vulnerability attack weapon platform, the NOPEN trojan and other cyber weapons that carry out vulnerability attacks and maintain persistent control over infected devices, experts noted.

It turns out that “Suctionchar” can run stealthily on the target servers, monitor user input on the operating system’s console terminal program in real time, and intercept all kinds of usernames and passwords.

Once obtained by the TAO, these usernames and passwords can be used to access other servers and network devices to steal files or deliver other cyber weapons, the experts said.

During the TAO cyberattacks on the Chinese university, “Suctionchar” was found to have collaborated with other components of the Bvp47 Trojan horse program, a top weapon of the NSA’s Equation hacking group.

According to a separate report released Tuesday by Pangu’s lab, Bvp47 has been deployed to hit targets in 45 countries and regions around the world over a period of more than 10 years.

The United States has launched indiscriminate cyberattacks around the world, rather than selectively targeting countries it sees as strategic competitors, the lab said.

According to the lab, 64 systems in China were hacked by Bvp47, making the country the biggest victim of the latest exposed cyberattacks, followed by 32 systems in Japan, 30 in the Republic of Korea and 16 in Germany.