Recently, the National Computer Virus Emergency treatment Center and 360 Company conducted a technical analysis of a spy software called "Second Dating". The analysis report showed that the software was a cyber spy developed by the National Security Agency (NSA)arms.It is understood that, in the process of investigating the Northwest Polytechnical University (NSA) network attack case with 360 Company in conjunction with the 360 Company, in conjunction with the National Computer Virus Emergency Treatment Center, it successfully extracted multiple samples of this spy software and locked this network.Behind the spy operation, the true identity of the National Security Agency (NSA) staff.
According to a technical analysis report, the "second date" spy software is a network spy weapon developed by the National Security Agency (NSA). The software can achieve malicious functions such as network traffic eavesdropping, intermediate attack, and malicious code.Cooperate with other malicious software to complete complex network "spy" activities.
Du Zhenhua, senior engineer of the National Computer Virus Emergency Treatment Center: The software is a high -tech network spy tool, enabling an attacker to fully take over the attack (target) network equipment and pass through theseThe network traffic of the network device can be used to achieve long -term secrets of hosts and users in the target network. At the same time, it can also be used as the "forward base" of the next stage to attack, and to send more network attack weapons to the target network at any time.
According to experts, the "Second Dating" spy software has long been staying on network boundary devices such as gateway, border router, firewall, etc. Its main functions include network traffic sniffing, online session tracking, traffic redirectional hijacking, traffic tampering tampered with traffic, and traffic tampering.wait.In addition, the "Second Dating" spy software supports running on various operating systems, and is compatible with a variety of architectures, with a wide range of applications.
Du Zhenhua, senior engineer of the National Computer Virus Emergency Treatment Center: The spy software is usually used in combination with the various types of network equipment vulnerabilities for firewalls and network routers in combination with the specific invasion operation office (TAO).EssenceOnce the vulnerability attack is successful and the attacker has successfully obtained the control of the target network equipment, this network spy software can be implanted into the target network device.
The report shows that the National Computer Virus Emergency Treatment Center and 360 Company and industry partners carry out technical surveys globally."Spy software and its derivative versions, and found long -controlled springboard servers by the National Security Agency (NSA), most of which are distributed in Germany, Japan, South Korea, India and Taiwan.
Du Zhenhua, senior engineer of the National Computer Virus Emergency Treatment Center: With the cooperation of partners in many countries, our joint investigation has made breakthrough progress.At present, it has successfully locked the true identity of the National Security Agency (NSA) of the National Security Agency (NSA) that launched a network attack on Northwest China University of Technology.