New evidence! Identity of Mysterious Hacker Behind Cyberattack on Northwestern Polytechnical University Pinned Down

Recently, the National Computer Virus Emergency Response Center and 360 Company conducted a technical analysis of spyware called "Second Date". The analysis report shows that the software is a network spy weapon developed by the National Security Agency (NSA) of the United States. It is reported that while the National Computer Virus Emergency Response Center and 360 Company were jointly investigating the network attack on Northwestern Polytechnical University by the National Security Agency (NSA), multiple samples of this spyware were successfully extracted, and the true identities of the National Security Agency (NSA) staff behind this cyber espionage operation were identified.

According to the technical analysis report, the "Second Date" spyware is a network spy weapon developed by the National Security Agency (NSA) of the United States. The software can perform malicious functions such as network traffic eavesdropping and hijacking, man-in-the-middle attacks, and malicious code insertion. It can work together with other malicious software to carry out complex network "spy" activities.

Du Zhenhua, Senior Engineer of the National Computer Virus Emergency Response Center: This software is a high-tech network espionage tool that allows attackers to fully take over the attacked (target) network devices and the network traffic flowing through them, thereby achieving long-term theft of hosts and users in the target network. At the same time, it can also serve as a "forward base" for the next stage of attacks, constantly delivering more network attack weapons to the target network.

According to experts, "Second Date" spyware resides long-term on network boundary devices such as gateways, boundary routers, and firewalls. Its main functions include network traffic sniffing, network session tracking, traffic redirection hijacking, and traffic tampering. In addition, the "Second Date" spyware runs on various operating systems and is compatible with multiple architectures, giving it a wide range of applications.

Du Zhenhua: This spyware is typically used in conjunction with various network device vulnerability attack tools targeting firewalls and network routers from the Office of Tailored Access Operations (TAO). Once the vulnerability attack is successful and the attacker successfully obtains control permissions of the target network device, they can implant this network spyware into the target network device.

The report shows that the National Computer Virus Emergency Response Center and 360 Company, along with industry partners, have conducted technical investigations worldwide. After layer-by-layer tracing, they discovered that thousands of network devices across countries are still secretly running "Second Date" spyware and its derivative versions. They also discovered springboard servers remotely controlled by the National Security Agency (NSA) of the United States, most of which are distributed in Germany, Japan, South Korea, India and Taiwan, China.

Du Zhenhua: With the joint cooperation of industry partners from multiple countries, our joint investigation work has made breakthrough progress. At present, the real identities of the National Security Agency (NSA) personnel who launched a cyber attack against Northwestern Polytechnical University have been successfully identified.


Source: CCTV News Client

