China claims it has obtained malware used by the NSA to steal files, monitor and redirect network traffic, and remotely control computers to spy on foreign targets.
The software nasty, dubbed NOPEN, is built to commandeer selected Unix and Linux systems, according to Chinese Communist Party tabloid Global Times, which today cited a report it got exclusively from China's National Computer Virus Emergency Response Center.
Trouble is, NOPEN was among the files publicly leaked in 2016 by the Shadow Brokers. If you can recall back that far, the Shadow Brokers stole and dumped online malware developed by the NSA's Equation Group.
At the time, security researchers at Vectra analyzed NOPEN in the leaked materials, and described it as a remote-access trojan for Unix-flavored systems, which matches the NOPEN Global Times got excited about today.
In effect, Global Times has told us China has "captured a spy tool deployed by the US National Security Agency," which would be a spy tool we've known about for years.
Why China would like the world to once again know about NOPEN is anyone's guess. Perhaps Beijing wanted to counter claims by the West that China has been spying on organizations and ripping off their intellectual property, or hoped to inject some extra mischief into the tense standoff between Russia, China, and the West over President Putin's bloody invasion of Ukraine.
The NSA used NOPEN to take over "a large number" of computers around the world, and the theft of data from this equipment has caused "inestimable losses," we were told today. The American malware would install a backdoor that once activated would allow miscreants to connect in, extract files, change the operation of the system, and explore the network for other resources to hijack or steal, it is claimed.
The NSA declined to comment on NOPEN and other claims of spies-doing-spying in the article.