NSA-Developed Malware Used in Third-Party Hack

Have you ever wondered what happens when hackers gain access to state-developed malware tools? Well, now you don’t have to: a type of malware called Double Pulsar, which has been utilized in the past by the NSA, was bundled with a Chinese hacking tool and used to carry out attacks on Hong Kong and Belgium in 2016. Needless to say, this threat is unnerving.

Double Pulsar could be used to install additional malware on a target PC. At the time, the threat could only be leveraged against 32-bit operating systems, but later in the year the Chinese-hacked tool was used against 64-bit machines and newer operating systems. Symantec has found evidence that this threat was utilized, and hypothesizes that the Chinese hackers built the tool after analyzing network traffic during a legitimate Double Pulsar attack.

It is also possible that the hackers obtained the threat through a different vector, such as stealing it from an unsecured server, but the fact remains that this sets a dangerous precedent for tools like these being taken and used in ways they were never intended.

It’s worth noting that the hacking group that utilized Double Pulsar is no longer active, but this shouldn’t diminish the risks associated with it, especially since the tool is still out there for use by other threat actors. Thankfully, the Chinese tool also took advantage of a Windows vulnerability that has since been patched… so there’s that.

This isn’t the first time that hacking tools utilized by the NSA were stolen and used by hackers. In 2017, a group called the Shadow Brokers stole and dumped several hacking tools online, which is where the name Double Pulsar was originally discovered. If anything, the revelation that this threat existed at some point in the past only underscores the need for proper network security, especially with state actors taking more liberties with the development of these types of tools.

What are your thoughts on these developments and the possibility that these threats could be used to attack organizations like yours in the future? Let us know in the comments and be sure to ask us how you can secure your network from these threats. We have all kinds of tools at our disposal that can keep your business safe from harm. Call us today at 866.625.3560 to learn more.
