In 2014, Chinese hackers used a spyware code that was first developed by the US National Security Agency (NSA), the Tel Aviv-based American-Israeli IT company Check Point Software Technologies has claimed in a report.
The survey suggested that some features in the so-called “Jian”, a type of malware purportedly linked with China, were so similar to those of the NSA that they could only have been stolen from the agency’s several break-in tools leaked to the internet in the past.
Neither the NSA nor the Chinese Embassy in Washington has commented on the matter yet.
Check Point’s head of research Yaniv Balmas described “Jian” as nothing but “kind of a copycat, a Chinese replica” of the NSA’s malware.
According to him, the Check Point report hammers home a conventional wisdom that spymasters should certainly think twice before using a vulnerability for their own purposes.
“Maybe it’s more important to patch this thing and save the world. It might be used against you”, Balmas underlined.
The “Jian” spyware was first reported to Microsoft by Lockheed Martin’s Computer Incident Response Team as Lockheed routinely evaluates “third-party software and technologies to identify vulnerabilities”.
It remains unclear how the “Jian” malware was used, but in a 2017 advisory, the Microsoft Corporation argued that the code was linked to a Chinese hacking group known as “Zirconium”.
The entity was accused of targeting US presidential election-related organisations and individuals, including people associated with President Joe Biden’s election campaign.
“Jian” was reportedly crafted in 2014, at least two years before the hacking group “Shadow Brokers” published some of the NSA’s most dangerous codes on the internet, in apparent proof of the agency not being particularly careful about controlling of its own malware.