NSA-Developed Malware Used in Third-Party Hack

by Compudata | Friday, June 14th, 2019

Have you ever wondered what happens when hackers gain access to state-developed malware tools? Well, now you don’t have to; a type of malware called Double Pulsar, that has been utilized in the past by the NSA, was bundled with a Chinese hacking tool and used to carry out attacks on Hong Kong and Belgium in 2016. Needless to say, this threat is unnerving.

Double Pulsar could be used to install additional malware on a target PC. At the time the threat could only be leveraged against 32-bit operating systems, but the Chinese-hacked tool struck later in the year versus 64-bit machines and newer operating systems. Symantec has found evidence that this threat was utilized, hypothesizing that the Chinese hackers built the tool after analyzing network traffic during a legitimate Double Pulsar attack.

The possibility that the hackers discovered the threat through a different vector exists, such as stealing the threat from an unsecured server, but the fact remains that this sets a dangerous precedent for tools like these being taken and used against their intentions.

It’s noteworthy to mention that the hacking group that utilized Double Pulsar is no longer active, but this shouldn’t mitigate the risks associated with it–especially since the tool is still out there for use by other threat actors. Thankfully, the Chinese tool also took advantage of a Windows vulnerability that has since been patched… so there’s that.

This isn’t the first time that hacking tools utilized by the NSA were stolen and utilized by hackers. In 2017, a group called the Shadow Brokers stole and dumped several hacking tools online, which is where the name Double Pulsar was originally discovered. If anything, the revelation that this threat existed at some point in the past only further exacerbates the need for proper network security–especially state actors that take more liberties with the development of these types of tools.

What are your thoughts on these developments and the possibility that these threats could be used to attack organizations like yours in the future? Let us know in the comments and be sure to ask us how you can secure your network from these threats. We have all kinds of tools at our disposal that can keep your business safe from harm. Call us today at 1-855-405-8889 to learn more.

A Glimpse Into What Compliance Looks Like for Businesses

Apr 7, 2025 | Blog, Business

It’s easy to see all the reasons why you should make data regulations and compliance a priority. After all, you want to ensure you don’t violate the trust and security of your customers, as well as the integrity of your operations. If you make even one mistake, it...

AI Search Isn’t There Yet

Apr 4, 2025 | Blog, Technology

People do this all the time: if they don’t know an answer, they just make something up that sounds right. It turns out AI has the same bad habit. A Study Put AI Search to the Test, and It Did Not Go Well Researchers at the Tow Center for Digital Journalism (part of...

Remote Work Is Great, but There Are Some Pitfalls

Apr 2, 2025 | Best practices, Blog

Do you have employees working remotely? If you do, the real question is, are you doing everything you can to keep them productive and secure? Remote work is awesome, but it comes with its fair share of risks. Today, we get into how to competently confront them. Remote...

It’s World Backup Day! You Need to Hedge Against Losing Data

Mar 31, 2025 | Blog, IT Blog

Data loss can be from a cyberattack, hardware failure, or just plain bad luck. Either way, it is a real threat to your business. You can hedge against it by having solid data backup strategies in place. Today is World Backup Day, so we thought we’d go through some...

Hiring IT is Hard (Here’s How to Make It Easier)

Mar 28, 2025 | Blog, Business

Do you have someone on your staff who can handle most IT-related issues for your business? If not, we’re sure your organization feels it in more ways than one. The issues that come from not having IT help are only made more frustrating when it comes time to find IT...

What Should Your Business Commit to Its Cybersecurity Protections?

Mar 26, 2025 | Blog, Security

How much your business should spend on cybersecurity largely depends on a variety of factors, and you cannot lump yourself in with just any other business. The same IT budget will go to different lengths for different businesses. Your typical small business, for...

Shouldn’t Consumers Know the End of Life Date of Connected Devices?

Mar 24, 2025 | Blog, Technology

In the grocery store, we’re given the estimated date that the food we’re buying will turn, helping us to make more informed decisions about what we are purchasing and the quality therein. Wouldn’t it be nice if the same could be said about the technology our...

Let’s Take the Lid Off of CAPTCHA

Mar 21, 2025 | Blog, Security

We've officially reached the point where humans have to prove they're, well, human just to access websites. One of the most common ways to do this? CAPTCHA. CAPTCHA stands for Completely Automated Public Turing test to tell Computers and Humans Apart. It might sound...

Know Your Rights; Protecting Your Devices and Your Identity from Law Enforcement

Mar 19, 2025 | Blog, Security

Our phones, laptops, smart home devices, and even our cars are packed with data about our lives. But what happens when law enforcement wants access to that information? Whether you're an individual just trying to keep your personal data safe or a business owner...

Automation Isn’t Always the Best Business Option

Mar 17, 2025 | Blog, Business

Automation makes sense from an operations standpoint, and people see this despite the many who advocate for scaling back to save jobs. For every task that can be completed, however, less than half can be automated. When you consider all the tasks that a human might be...

Industry Insights

NSA-Developed Malware Used in Third-Party Hack

A Glimpse Into What Compliance Looks Like for Businesses

AI Search Isn’t There Yet

Remote Work Is Great, but There Are Some Pitfalls

It’s World Backup Day! You Need to Hedge Against Losing Data

Hiring IT is Hard (Here’s How to Make It Easier)

What Should Your Business Commit to Its Cybersecurity Protections?

Shouldn’t Consumers Know the End of Life Date of Connected Devices?

Let’s Take the Lid Off of CAPTCHA

Know Your Rights; Protecting Your Devices and Your Identity from Law Enforcement

Automation Isn’t Always the Best Business Option

More Reading from Industry Insights:

A Glimpse Into What Compliance Looks Like for Businesses

AI Search Isn’t There Yet

Remote Work Is Great, but There Are Some Pitfalls

It’s World Backup Day! You Need to Hedge Against Losing Data

Hiring IT is Hard (Here’s How to Make It Easier)

About Us

Contact Us

Company

Trust