Home>Blog>The Hacker News Headlines>China Accuses NSA’s TAO Unit of Hacking its Military Research University
The Hacker News Headlines

China Accuses NSA’s TAO Unit of Hacking its Military Research University

China Accuses NSA

China has accused the U.S. National Security Agency (NSA) of
conducting a string of cyberattacks aimed at aeronautical and
military research-oriented Northwestern Polytechnical University in
the city of Xi’an in June 2022.

The National Computer Virus Emergency Response Centre (NCVERC)
disclosed its findings last week, and accused the Office of
Tailored Access Operations (TAO[1]) at the USA’s National
Security Agency (NSA) of orchestrating thousands of attacks against
the entities located within the country.

“The U.S. NSA’s TAO has carried out tens of thousands of
malicious cyber attacks on China’s domestic network targets,
controlled tens of thousands of network devices (network servers,
Internet terminals, network switches, telephone exchanges, routers,
firewalls, etc.), and stole more than 140GB of high-value data,”
the NCVERC said[2].

CyberSecurity

The agency further said that the attack on the Northwestern
Polytechnical University employed no fewer than 40 different cyber
weapons that are designed to siphon passwords, network equipment
configuration, network management data, and operation and
maintenance data.

It also said that the TAO used two zero-day exploits for the
SunOS Unix-based operating system to breach servers used in
educational institutions and commercial companies to install what
it called the OPEN Trojan.

The attacks are said to have been mounted via a network of proxy
servers hosted in Japan, South Korea, Sweden, Poland, and Ukraine
to relay the instructions to the compromised machines, with the
agency noting that the NSA made use of an unnamed registrar company
to anonymize the traceable information such as relevant domain
names, certificates, and registrants.

Besides OPEN Trojan, the attacks entailed the use of malware it
calls “Fury Spray,” “Cunning heretics,” “Stoic Surgeon,” and
Acid Fox[3]” that are capable of
“covert and lasting control” and exfiltrating sensitive
information.

“The U.S.’s behavior poses a serious danger to China’s national
security and citizens’ personal information security,” spokeswoman
Mao Ning said[4]
last week.

CyberSecurity

“As the country that possesses the most powerful cyber
technologies and capabilities, the U.S. should immediately stop
using its prowess as an advantage to conduct theft and attacks
against other countries, responsibly participate in global
cyberspace governance and play a constructive role in defending
cyber security.”

This is not the first time China has called out the U.S. for its
intelligence hacking operations. In February, Pangu Lab disclosed
details of a previously unknown backdoor called Bvp47[5]
that’s alleged to have been used by the Equation Group to strike
more than 287 entities globally.

Then in April, the NCVERC also released a technical analysis of
a malware platform called Hive[6]
that’s said to be employed by the U.S. Central Intelligence Agency
(CIA) to customize and adapt malicious programs to different
operating systems, plant backdoor, and achieve remote access.

References

  1. ^
    TAO
    (en.wikipedia.org)
  2. ^
    said
    (www.cverc.org.cn)
  3. ^
    Acid
    Fox     (www.cverc.org.cn)
  4. ^
    said
    (www.fmprc.gov.cn)
  5. ^
    Bvp47
    (thehackernews.com)
  6. ^
    Hive
    (www.cverc.org.cn)

Read more

Leave a Reply

Powered By Anakyst UK Work done easy Discover Great Places People Websites in Nigeria. Be Discovered and Discover Great Places People Products & Websites in Nigeria. Tell us what you need to advertise online onradio ontv and where you want to advertise and discover talented publishers and advertisers within minutes for just a fraction of the cost!JobScout | Developed By Rara Theme. Powered by WordPress.