Malware Used in DNC Hack Has Roots in Chinese Open-Source Tool

July 29, 2016

One of the malware variants used to infiltrate and hack the Democratic National Committee (DNC) in April 2016 is based on an open-source networking utility developed by a Chinese company in the early 2000s.

The malware, codenamed X-Tunnel, is part of the arsenal employed by the Fancy Bear APT (also known as Sofacy, APT28, Sednit, Pawn Storm, or Strontium).

Security firm CrowdStrike, which first investigated the DNC hack, says that this group hacked into the DNC servers in April 2016, after another APT called Cozy Bear infiltrated the same servers in the summer of 2015.
