BNMC Blog

NSA-Developed Malware Used in Third-Party Hack

Have you ever wondered what happens when hackers gain access to state-developed malware tools? Well, now you don’t have to: Double Pulsar, a type of malware that has been utilized in the past by the NSA, was bundled with a Chinese hacking tool and used to carry out attacks on Hong Kong and Belgium in 2016. Needless to say, this threat is unnerving.

Double Pulsar could be used to install additional malware on a target PC. At the time, the threat could only be leveraged against 32-bit operating systems, but later in the year the Chinese hacking tool struck 64-bit machines and newer operating systems. Symantec has found evidence that this threat was utilized, and hypothesizes that the Chinese hackers built the tool after analyzing network traffic during a legitimate Double Pulsar attack.

It is also possible that the hackers obtained the threat through a different vector, such as stealing it from an unsecured server, but the fact remains that this sets a dangerous precedent for tools like these being taken and used in ways their developers never intended.

It’s worth noting that the hacking group that utilized Double Pulsar is no longer active, but this doesn’t lessen the risks associated with it, especially since the tool is still out there for use by other threat actors. Thankfully, the Chinese tool also took advantage of a Windows vulnerability that has since been patched… so there’s that.

This isn’t the first time that hacking tools utilized by the NSA were stolen and used by hackers. In 2017, a group called the Shadow Brokers stole and dumped several hacking tools online, which is where the name Double Pulsar was originally discovered. If anything, the revelation that this threat existed at some point in the past only further underscores the need for proper network security, especially with state actors that take more liberties with the development of these types of tools.

What are your thoughts on these developments and the possibility that these threats could be used to attack organizations like yours in the future? Let us know in the comments and be sure to ask us how you can secure your network from these threats. We have all kinds of tools at our disposal that can keep your business safe from harm. Call us today at 978-482-2020 to learn more.

 
