News   /   Military   /   China

China detects 'concealed and adaptable' US spyware

US Rep. Ilhan Omar (D-MN) (L) talks with Speaker of the House Nancy Pelosi (D-CA) during a rally with fellow Democrats before voting on H.R. 1, or the People Act, on the East Steps of the US Capitol on March 08, 2019 in Washington, DC. (AFP photo)
This picture shows a view of the well-known Northwestern Polytechnical University (NPU) in China.

A US spyware planted on the email system of a well-known technical university has been discovered by Chinese authorities.

The Global Times reported on Tuesday that Chinese cybersecurity experts discovered the "concealed and adaptable" spyware planted by US' intelligence center National Security Agency (NSA) on Northwestern Polytechnical University systems in Northwest China's Shaanxi Province.

It said the US aimed to launch a cyberattack against the university to steal information from the institution famous for its advanced aviation, aerospace and navigation research and studies.

The Chinese technical team behind the discovery announced last week that by extracting many trojans samples from internet terminals of Northwestern Polytechnical University, under the support of European and South Asian partners, it initially identified that the cyberattack to the university was conducted by the Tailored Access Operations (TAO) under the Data Reconnaissance Bureau of NSA's Information Department.

The technical team discovered 41 types of spyware in more than 1,100 attack links, which had infiltrated the university system and more than 90 operating instruction sequences, stealing multiple system configuration files and network management data, as well as key operational data and other types of logs and files.

China's National Computer Virus Emergency Response Center and Beijing-based Qi An Pangu lab conducted a deeper system analysis and discovered another spyware named "drinking tea" behind the theft of large amounts of sensitive data. 

TAO implanted "drinking tea" into the internal network server of Northwestern Polytechnical University and stole the login password of remote management and remote file transfer services, such as SSH, so as to gain access to servers on the Intranet, and other high-value servers, resulting in the stealing of sensitive data.

Last year, Chinese authorities branded the US as the "biggest threat to global cybersecurity”.

Senior Colonel Wu Qian, a spokesman of the Chinese Ministry of National Defense, said on July 29,  2021 the United States was the “empire of hacking and theft of secrets ... the biggest threat to global cybersecurity”.

Wu said the US has conducted mass-scale cyber espionage, surveillance and attacks on foreign governments, companies and individuals for years.

He called on the international community to stand up against US bullying.

US spy agencies are accused of launching the greatest number of cyberattacks around the world each year.

Press TV’s website can also be accessed at the following alternate addresses:

Press TV News Roku