back to article China-linked malware targeted secure networks in 'multiple governments'

The United States' Cybersecurity and Infrastructure Security Agency (CISA), working with security vendor Symantec, has found an extremely sophisticated network attack tool that can invisibly create backdoors, has been plausibly linked to Chinese actors, and may have been in use since 2013. Symantec's threat hunting team has …

  1. Paul Crawford Silver badge

    I was thinking "How on earth can it do all those things undetected?" and then I read:

    Symantec says it ships as a Windows kernel driver and works to hijack legitimate TCP/IP connections.

    Reminds me why our one "this has to be windows" server is firewalled from sending data out, not just connections coming in.

  2. Anonymous Coward
    Anonymous Coward

    I thought windows didn't allow unsigned kernel drivers to be loaded? Is this thing signed by a trusted key? Whose? :S

  3. Anonymous Coward
    Anonymous Coward

    Yeah, Windows.

    More needs not be said, really.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like

Biting the hand that feeds IT © 1998–2022