A map of China is seen through a magnifying glass on a computer screen showing binary digit, illustration
A map of China is seen through a magnifying glass on a computer screen showing binary digit, illustration
Photo: Reuters
A map of China is seen through a magnifying glass on a computer screen showing binary digit, illustration

Chinese spyware code copied from America's NSA, Israeli company says

Tel Aviv based Check Point Software Technologies report notes features in a piece of China-linked malware it dubs 'Jian' could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017

Reuters |
Updated: 02.22.21 , 22:09
Chinese spies used code first developed by the U.S. National Security Agency to support their hacking operations, Israeli researchers said on Monday, another indication of how malicious software developed by governments can boomerang against their creators.
  • Follow Ynetnews on Facebook and Twitter


  • Tel Aviv-based Check Point Software Technologies issued a report noting that some features in a piece of China-linked malware it dubs “Jian” were so similar they could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017.
    2 צפייה בגלריה
    A map of China is seen through a magnifying glass on a computer screen showing binary digit, illustration
    A map of China is seen through a magnifying glass on a computer screen showing binary digit, illustration
    A map of China is seen through a magnifying glass on a computer screen showing binary digit, illustration
    (Photo: Reuters)
    Yaniv Balmas, Checkpoint’s head of research, called Jian “kind of a copycat, a Chinese replica.”
    The find comes as some experts argue that American spies should devote more energy to fixing the flaws they find in software instead of developing and deploying malicious software to exploit it.
    The NSA declined comment. The Chinese Embassy in Washington did not respond to requests for comment.
    A person familiar with the matter said Lockheed Martin Corp – which is credited as having identified the vulnerability exploited by Jian in 2017 – discovered it on the network of an unidentified third party.
    In a statement, Lockheed said it “routinely evaluates third-party software and technologies to identify vulnerabilities.”
    2 צפייה בגלריה
    Computer code is seen on a screen above a Chinese flag, illustration
    Computer code is seen on a screen above a Chinese flag, illustration
    Computer code is seen on a screen above a Chinese flag, illustration
    (Photo: Reuters)
    Countries around the world develop malware that breaks into their rivals’ devices by taking advantage of flaws in the software that runs them. Every time spies discover a new flaw they must decide whether to quietly exploit it or fix the issue to thwart rivals and rogues.
    That dilemma came to public attention between 2016 and 2017, when a mysterious group calling itself the “Shadow Brokers” published some of the NSA’s most dangerous code to the internet, allowing cybercriminals and rival nations to add American-made digital break-in tools to their own arsenals.


    First published: 22:03 , 02.22.21
    Talkbacks for this article 0