New research has found evidence that a Chinese-affiliated threat group (APT31) has hijacked a hacking tool previously used by the Equation Group. The tool in question, dubbed Jian, is used to exploit a local privilege-escalation (LPE) flaw in Windows, known as CVE-2017-0005. Researchers say the exploit was in use by APT31 in 2014, years before the ShadowBrokers leak in 2017, which leaked a cache of exploits. Check Point Research head Yaniv Balmas and Oded Vanunu talk on this week s Threatpost podcast about the new discoveries around NSA-linked exploit tools.
Source: https://threatpost.com/chinese-hackers-hijacked-nsa-hacking-tool/164155/