Buckeye group used Equation Group tools pre-Shadow Brokers

Symantec Threat Intelligence: Buckeye attack group used Equation Group tools pre-Shadow Brokers leak

Today, Symantec released new research revealing the Buckeye (aka APT3 and Gothic Panda) attack group was using Equation Group tools to gain persistent access to target organisations at least a year prior to the Shadow Brokers leak. The variants of the Equation Group tools used by Buckeye appear to be newer and modified compared to those released by Shadow Brokers.

This marks the first time Symantec has seen a case—long referenced in theory—of an attack group recovering otherwise unknown exploits and tools used against them to subsequently attack others.

Of note, Buckeye’s use of Equation Group tools also involved the exploitation of a previously unknown Windows zero-day vulnerability that Symantec discovered (which has since been patched by Microsoft).

While Buckeye appeared to cease operations in mid-2017 and three alleged members of the group were indicted by the U.S. Department of Justice in November 2017, the Equation Group tools associated with Buckeye specifically continued to be used in attacks until late 2018.

Symantec’s full research can be found here.



© Scoop Media
