Chinese spies used code copied from America’s NSA for hacking operations, researchers say
- Features in malware so similar they could only have been stolen from break-in tools leaked online, according to Check Point Software Technologies
- Head of research describes the malicious ‘Jian’ software as ‘kind of a copycat, a Chinese replica’
Tel Aviv-based Check Point Software Technologies issued a report noting that some features in a piece of China-linked malware it dubs “Jian” were so similar they could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017.
Yaniv Balmas, Check Point’s head of research, called Jian “kind of a copycat, a Chinese replica”.
The find comes as some experts argue that American spies should devote more energy to fixing the flaws they find in software instead of developing and deploying malicious software to exploit it.
The NSA declined to comment. The Chinese embassy in Washington did not respond to requests for comment.
A person familiar with the matter said Lockheed Martin Corp – which is credited as having identified the vulnerability exploited by Jian in 2017 – discovered it on the network of an unidentified third party.
In a statement, Lockheed said it “routinely evaluates third-party software and technologies to identify vulnerabilities”.
