Security researchers with U.S. cybersecurity firm Symantec said they have discovered a “highly sophisticated” Chinese hacking tool that has been able to escape public attention for more than a decade.
The discovery was shared in recent months with the U.S. government, which has shared the information with foreign partners, said a U.S. official. Symantec, a division of chipmaker Broadcom, published its research about the tool, which it calls Daxin, on Monday.
“It’s something we haven’t seen before,” said Clayton Romans, associate director with the U.S. Cybersecurity Infrastructure Security Agency (CISA). “This is the exact type of information we’re hoping to receive.”
CISA highlighted Symantec’s membership in a joint public-private cybersecurity information sharing partnership, known as the JCDC, alongside the new research paper.
The JCDC, or Joint Cyber Defense Collaborative, is a collective of government defense agencies, including the FBI and National Security Agency, and 22 U.S. technology companies that share intelligence about active cyberattacks with one another.
The Chinese embassy in Washington did not respond to a request for comment.
“The capabilities of this malware are remarkable and would be extremely difficult to detect without this public research,” said Neil Jenkins, chief analytics officer at the Cyber Threat Alliance, a non-profit group that brings together cybersecurity experts to share data.
Symantec’s attribution to China is based on instances where components of Daxin were combined with other known, Chinese-linked computer hacker infrastructure or cyberattacks, said Vikram Thakur, a technical director with Symantec.
Symantec researchers said the discovery of Daxin was noteworthy because of the scale of the intrusions and the advanced nature of the tool.
“The most recent known attacks involving Daxin occurred in November 2021,” the research report reads. “Daxin’s capabilities suggest the attackers invested significant effort into developing communication techniques that can blend in unseen with normal network traffic.”
Daxin’s victims included high-level, non-Western government agencies in Asia and Africa, including Ministries of Justice, Thakur added.
“Daxin can be controlled from anywhere in the world once a computer is actually infected,” said Thakur. “That’s what raises the bar from malware that we see coming out of groups operating from China.”
Romans said he did not know of affected organizations in the United States, but there were infections all around the globe, which the U.S. government was helping to notify.
“Clearly the actors have been successful in not only conducting campaigns but being able to keep their creation under wraps for well over a decade,” said Thakur.
By Christopher Bing