BEIJING: An implant tool code-named “suctionchar” was used by the US National Security Agency to intercept passwords and login data during the cyberattack on the internal servers of the Northwestern Polytechnical University of China in April, according to a report published on Tuesday.
Furthermore, traces of “suctionchar” have been found in the networks of other institutes, which mean that the NSA may have carried out a large-scale cyberattack against China, according to the report published by the National Computer Virus Emergency Response Center.
The tool, which has been described by security experts as “32 or 64 bit OS, solaris sparc 8,9, Kernel level implant”, mainly targets Unix and Linux platforms, is easily integrated and used with other cyberattack tools and is difficult to detect. In addition to intercepting passwords and login data, it can theoretically be used to obtain all kinds of other information, and, according to the report, it is a powerful weapon.
The implant’s codes were published in the report, which added that “suctionchar” was used by the NSA’s Office of Tailored Access Operations — a cyberwarfare intelligence-gathering unit — in the attack on the internal servers of the NPU, which is known for its programs in the fields of aeronautics, astronautics and marine technology engineering.
The attack led to a large-scale, continuous leak of sensitive data.
–The Daily Mail-China Daily news exchange item