Symantec Discovers New "Highly Sophisticated" Chinese Hacking Tool



Symantec, a cybersecurity firm based in the United States, has identified a highly sophisticated hacking tool that was allegedly Chinese-developed. The uncovered hacking tool is very complicated and has managed to avoid public scrutiny for over a decade.

According to a US official, the finding of the malware was communicated to the United States government, which then shared the information with its overseas allies. Symantec published its research on the tool, which it refers to as Daxin, on Monday.

Clayton Romans, associate director of the Cybersecurity Infrastructure Security Agency (CISA) in the United States, stated that they discovered something that had never been observed before. Moreover, he stated that it is exactly the type of information that they were hoping to receive.

On Monday, in conjunction with the release of the new research paper, CISA also announced the admission of Symantec into a public-private cybersecurity information-sharing partnership known as the JCDC.

The Joint Cyber Defense Collaborative (JCDC) is a collaboration of government defence agencies, including the FBI and the National Security Agency, and 22 United States technology companies that share information about active cyberattacks.

Chinese officials have previously stated that their country is likewise a victim of cyberattacks and that they are opposed to all forms of cyberattacks. Despite this, the Chinese embassy in Washington did not respond to a request for comment in this particular instance.

Technical director at Symantec Vikram Thakur stated that the connection between sections of Daxin and other known Chinese-linked computer hacker infrastructure or cyberattacks is the reason why Symantec attributes this malware to China. This incident is remarkable, according to Symantec analysts, because of the scope and sophistication of the intrusions and the advanced nature of the tool used.

According to the research, the most recent known attacks employing Daxin occurred in November 2021. Vikram further stated that high-level, non-western government institutions in Asia and Africa, including Ministries of Justice, are among the victims of Daxin.

Vikram claims that Daxin is so complex that once a computer has been infected by it, it can be controlled from anywhere in the world. Although Romans was unaware of any US organisations infected with Daxin, he stated that there were infections all over the world, and that the United States government was assisting in notifying those affected.