Symantec: ‘Buckeye’ Group Linked to China Used NSA Hacking Tools to Launch Attacks in Europe, Asia

Symantec has found that a group of cyber hackers called Buckeye gained access to hacking tools used by the Equation group or the National Security Agency and adopted such tools to target private companies and U.S. allies in Asia and Europe in 2016, The New York Times reported Monday.

Symantec did not specifically identify China in its study but cyber firms and the Department of Justice have linked the Buckeye group to a contractor of China’s intelligence and security agency.

Researchers at Symantec believe Buckeye may have captured the tools from an attack initiated by the Equation group and repurposed them to launch cyber attacks against telecommunications, educational institutions and scientific research organizations in Luxembourg, Belgium, Hong Kong, Vietnam and the Philippines.

“We’ve learned that you cannot guarantee your tools will not get leaked and used against you and your allies,” said Eric Chien, a security director at Symantec.

Symantec also discovered that Buckeye started using the NSA tools in attacks months before a group called Shadow Brokers leaked their first versions of those hacking tools.

Check Also

John Cooney

Former ITA Official John Cooney to Lead SkyWater’s Government Engagements

John Cooney, a former official at the Department of Commerce's International Trade Administration, has joined semiconductor foundry services provider SkyWater Technology as director of U.S. government relations.

Ellen Lord

DoD Launches Pilot Programs for Software Procurement; Ellen Lord Quoted

The Department of Defense (DoD) has made continued efforts to transform software procurement across the military,  FedScoop reported Thursday. Ellen Lord, undersecretary of defense for acquisition and sustainment and four-time Wash100 Award recipient, has developed pilot programs to test the acquisition.


Analyst1 to Help DoD’s Innovation Org Develop Cyber Threat Intell Platform

Analyst1 has been selected help the Defense Innovation Unit transform cybersecurity operations through the development of an enterprise-grade technology that will work to automatically process threat intelligence data.