Home

About Us

IT Services

Understanding IT

News

Blog

Contact Us

Support

Omega Technical Solutions Blog

NSA-Developed Malware Used in Third-Party Hack

NSA-Developed Malware Used in Third-Party Hack

Have you ever wondered what happens when hackers gain access to state-developed malware tools? Well, now you don’t have to; a type of malware called Double Pulsar, that has been utilized in the past by the NSA, was bundled with a Chinese hacking tool and used to carry out attacks on Hong Kong and Belgium in 2016. Needless to say, this threat is unnerving.

Double Pulsar could be used to install additional malware on a target PC. At the time the threat could only be leveraged against 32-bit operating systems, but the Chinese-hacked tool struck later in the year versus 64-bit machines and newer operating systems. Symantec has found evidence that this threat was utilized, hypothesizing that the Chinese hackers built the tool after analyzing network traffic during a legitimate Double Pulsar attack.

The possibility that the hackers discovered the threat through a different vector exists, such as stealing the threat from an unsecured server, but the fact remains that this sets a dangerous precedent for tools like these being taken and used against their intentions.

It’s noteworthy to mention that the hacking group that utilized Double Pulsar is no longer active, but this shouldn’t mitigate the risks associated with it--especially since the tool is still out there for use by other threat actors. Thankfully, the Chinese tool also took advantage of a Windows vulnerability that has since been patched… so there’s that.

This isn’t the first time that hacking tools utilized by the NSA were stolen and utilized by hackers. In 2017, a group called the Shadow Brokers stole and dumped several hacking tools online, which is where the name Double Pulsar was originally discovered. If anything, the revelation that this threat existed at some point in the past only further exacerbates the need for proper network security--especially state actors that take more liberties with the development of these types of tools.

What are your thoughts on these developments and the possibility that these threats could be used to attack organizations like yours in the future? Let us know in the comments and be sure to ask us how you can secure your network from these threats. We have all kinds of tools at our disposal that can keep your business safe from harm. Call us today at (703) 743-3056 to learn more.

“Paying the Ransom” Isn’t a Ransomware Defense
Tip of the Week: Simple Changes You Can Make to Ma...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, July 17, 2019

Captcha Image

Latest Blog

Many businesses have begun to take advantage of the benefits that come with having remote workers. One tool that has seen an increase in utilization as a result is a conferencing solution. Communications are extremely important for the grow...

Contact Us

Learn more about what Omega Technical Solutions
can do for your business.

(703) 743-3056

Omega Technical Solutions
5501 Merchant View Square Suite 107
Haymarket, Virginia 20169

Account Login