Symantec has found that a group of cyber hackers called Buckeye gained access to hacking tools used by the Equation group or the National Security Agency and adopted such tools to target private companies and U.S. allies in Asia and Europe in 2016, The New York Times reported Monday.
Symantec did not specifically identify China in its study but cyber firms and the Department of Justice have linked the Buckeye group to a contractor of China’s intelligence and security agency.
Researchers at Symantec believe Buckeye may have captured the tools from an attack initiated by the Equation group and repurposed them to launch cyber attacks against telecommunications, educational institutions and scientific research organizations in Luxembourg, Belgium, Hong Kong, Vietnam and the Philippines.
“We’ve learned that you cannot guarantee your tools will not get leaked and used against you and your allies,” said Eric Chien, a security director at Symantec.
Symantec also discovered that Buckeye started using the NSA tools in attacks months before a group called Shadow Brokers leaked their first versions of those hacking tools.