bodyType

customContents

entityId

printArticlePageQuery

filter

article

body

urlAlias

articleSectionsContent

articleSeoArticle

articleSourceHeaderArticle

contentSchemaRenderContent

contentSubHeadlineContent

contentHeadlineContent

mainImagePrintArticleArticle

authorBlockPrintArticleArticle

contentSponsorTagContent

articlePianoPaywallContent

scmpYoutubeContent

hooksTrackPageViewArticle

query printArticlePageQuery(
  $entityId: String!
  $customContents: [CustomContentInput]
  $bodyType: BodyFormatTypeEnum
) {
  article(filter: {entityId: $entityId}) {
    entityId
    body(customContents: $customContents, type: $bodyType) {
      json
    }
    urlAlias
    ...articleSectionsContent
    ...articleSeoArticle_3o8td4
    ...articleSourceHeaderArticle
    ...contentSchemaRenderContent
    ...contentSubHeadlineContent
    ...contentHeadlineContent
    ...mainImagePrintArticleArticle
    ...authorBlockPrintArticleArticle
    ...contentSponsorTagContent
    ...articlePianoPaywallContent
    ...scmpYoutubeContent
    ...hooksTrackPageViewArticle
    id
  }
}

fragment articlePianoPaywallContent on Content {
  __isContent: __typename
  ...hooksPaywallPromiseContent
}

fragment articleSectionsContent on Content {
  __isContent: __typename
  sections {
    value {
      ...helpersCheckIfNewsSectionInFirstIndexSection
      ...entityLink
      name
      id
    }
  }
}

fragment articleSeoArticle_3o8td4 on Article {
  ...hooksArticleSeoArticle
  ...helpersCheckIsPostiesArticle
  ...helpersGetArticleTypeArticle
  entityId
  publishedDate
  updatedDate
  summary {
    text
  }
  subHeadline {
    text
  }
  body(customContents: $customContents, type: $bodyType) {
    text
  }
  keywords
  sections {
    value {
      name
      id
    }
  }
  topics {
    name
    entityId
    id
  }
  urlAlias
  authors {
    name
    id
  }
  images {
    style(filter: {style: "768x768"}) {
      url
    }
  }
  readingTime
}

fragment articleSourceHeaderArticle on Article {
  urlAlias
  ...entityLink
}

fragment authorBlockPrintArticleArticle on Article {
  ...defaultArticleDateContent
  ...authorNamesArticle
}

fragment authorNameAuthor on Author {
  ...entityLink
  name
  entityUuid
}

fragment authorNamesArticle on Article {
  authorLocations
  authors {
    entityId
    location
    ...authorNameAuthor
    id
  }
}

fragment blockquoteQuoteContent on Content {
  __isContent: __typename
  ...contentShareWidgetContent
}

fragment checkersCheckContentContainsStarlingImageContent on Content {
  __isContent: __typename
  topics {
    entityId
    id
  }
}

fragment contentHeadlineContent on Content {
  __isContent: __typename
  headline
  socialHeadline
  ...contentHeadlineTagContent
  ...helpersUseContentSponsorContent
}

fragment contentHeadlineTagContent on Content {
  __isContent: __typename
  ...hooksContentHeadlineTagContent
}

fragment contentNewsletterWidgetContent on Content {
  __isContent: __typename
  topics {
    relatedNewsletters {
      ...helpersMassageToNewsletterItemNewsletter
      id
    }
    id
  }
  sections {
    value {
      relatedNewsletters {
        ...helpersMassageToNewsletterItemNewsletter
        id
      }
      id
    }
  }
  ... on Article {
    relatedNewsletters {
      ...helpersMassageToNewsletterItemNewsletter
      id
    }
  }
}

fragment contentSchemaRenderContent on Content {
  __isContent: __typename
  ...blockquoteQuoteContent
  ...imageContent
  ...inlineWidgetContent
  ...photoGalleryWidgetContent
  ...scmpYoutubeContent
}

fragment contentShareWidgetContent on Content {
  __isContent: __typename
  entityId
  urlAlias
  shortUrl
  socialHeadline
  headline
}

fragment contentSponsorTagContent on Content {
  __isContent: __typename
  ...helpersUseContentSponsorContent
}

fragment contentSubHeadlineContent on Content {
  __isContent: __typename
  subHeadline {
    json
  }
  summary {
    json
  }
  ...contentSchemaRenderContent
}

fragment defaultArticleDateContent on Content {
  __isContent: __typename
  ...hooksArticleDateUtilsContent
}

fragment entityLink on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  __typename
  entityId
  entityUuid
  urlAlias
  urlRedirect {
    toUrl
    id
  }
  application {
    entityId
    id
  }
  ... on Section {
    fullSectionPath {
      entityId
      id
    }
    parentSection
  }
  ...helpersAppBarVariantBase
  ...helpersApplicationBase
  ...helpersCheckIsPlusArticle
  ...helpersStyleSectionContent
}

fragment helpersAppBarVariantBase on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  ...helpersCheckIsLiveArticle
  ...helpersCheckIsPlusPage
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostiesPage
  ...helpersCheckIsPostMagazineArticle
  ...helpersCheckIsStyleArticle
  ...helpersSectionContent
  ...helpersStyleSectionContent
}

fragment helpersApplicationBase on BaseWithApplicationAndUrlAlias {
  __isBaseWithApplicationAndUrlAlias: __typename
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostiesPage
  ...helpersCheckIsPlusPage
}

fragment helpersCheckIfNewsSectionInFirstIndexSection on Section {
  name
}

fragment helpersCheckIsAmpEnabledArticle on Article {
  entityId
  types {
    value {
      entityId
      id
    }
  }
  sections {
    value {
      entityId
      id
    }
  }
  disableOffPlatformContent
  sponsorType
  published
  ...helpersCheckIsPlusArticle
  ...helpersCheckIsPostiesArticle
}

fragment helpersCheckIsLiveArticle on Article {
  flattenTypeIds
  liveArticle {
    status
    id
  }
}

fragment helpersCheckIsMainTopicContent on Content {
  __isContent: __typename
  topics {
    entityId
    id
  }
}

fragment helpersCheckIsPlusArticle on Content {
  __isContent: __typename
  ... on Article {
    paywallTypes {
      entityUuid
      id
    }
  }
}

fragment helpersCheckIsPlusPage on Page {
  urlAlias
}

fragment helpersCheckIsPostMagazineArticle on Article {
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersCheckIsPostiesArticle on Article {
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersCheckIsPostiesPage on Page {
  urlAlias
}

fragment helpersCheckIsStyleArticle on Content {
  __isContent: __typename
  sections {
    value {
      entityId
      id
    }
  }
}

fragment helpersGetArticleTypeArticle on Content {
  __isContent: __typename
  ... on Article {
    types {
      value {
        entityId
        id
      }
    }
  }
}

fragment helpersMassageToNewsletterItemNewsletter on Newsletter {
  entityId
  name
  alternativeName
  description {
    text
  }
  summary {
    text
  }
  homepageDescription {
    text
  }
}

fragment helpersSanitizeArticleTypeEntityIdsArticle on Article {
  types {
    value {
      entityId
      id
    }
  }
}

fragment helpersSanitizeAuthorTypesArticle on Article {
  authors {
    types
    id
  }
}

fragment helpersSanitizedAuthorEntityIdsArticle on Article {
  authors {
    entityId
    id
  }
}

fragment helpersSectionContent on Section {
  fullSectionPath {
    entityId
    id
  }
}

fragment helpersStyleSectionContent on Section {
  fullSectionPath {
    entityId
    id
  }
}

fragment helpersUseContentSponsorContent on Content {
  __isContent: __typename
  topics {
    entityId
    sponsor {
      ...sponsorTagSponsor
      name
      type
      id
    }
    id
  }
  ... on Article {
    sponsorType
  }
  ...helpersCheckIsMainTopicContent
}

fragment hooksArticleDateUtilsContent on Content {
  __isContent: __typename
  createdDate
  publishedDate
  updatedDate
}

fragment hooksArticleSeoArticle on Article {
  ...helpersCheckIsPostiesArticle
  ...helpersCheckIsPostMagazineArticle
  ...helpersCheckIsStyleArticle
  ...hooksContentHeadlineTagContent
  ...helpersCheckIsAmpEnabledArticle
  entityId
  headline
  socialHeadline
  types {
    value {
      entityId
      id
    }
  }
  authors {
    entityId
    id
  }
  images {
    generic_og: style(filter: {style: "og_image_scmp_generic"}) {
      url
    }
    styles(filter: {styles: ["og_image_posties_article", "og_postmag", "og_image_style", "og_image_scmp_analysis", "og_image_scmp_explainer", "og_image_scmp_editorial", "og_image_scmp_fact_check", "og_image_scmp_debate", "og_image_scmp_live", "og_image_scmp_obituary", "og_image_scmp_opinion", "og_image_scmp_review", "og_image_scmp_series", "og_image_scmp_generic"]}) {
      url
      style
    }
    type
  }
  urlAlias
}

fragment hooksContentHeadlineTagContent on Content {
  __isContent: __typename
  __typename
  ... on Article {
    types {
      value {
        name
        entityId
        description {
          text
        }
        id
      }
    }
    ...helpersCheckIsStyleArticle
  }
  flag
  sections {
    value {
      name
      id
    }
  }
  ...hooksContentHelperContent
}

fragment hooksContentHelperContent on Content {
  __isContent: __typename
  ...helpersSanitizeArticleTypeEntityIdsArticle
  ...helpersSanitizeAuthorTypesArticle
  ...helpersSanitizedAuthorEntityIdsArticle
  flag
}

fragment hooksPaywallPromiseContent on Content {
  __isContent: __typename
  entityId
  ...helpersCheckIsPostiesArticle
}

fragment hooksTrackPageViewArticle on Article {
  entityId
  publishedDate
  headline
  sections {
    value {
      name
      id
    }
  }
  urlAlias
  authors {
    name
    id
  }
  entityUuid
}

fragment imageContent on Content {
  __isContent: __typename
  headline
  ...checkersCheckContentContainsStarlingImageContent
}

fragment inlineWidgetContent on Content {
  __isContent: __typename
  ...contentNewsletterWidgetContent
}

fragment mainImagePrintArticleArticle on Article {
  images {
    title
    url
    isSlideshow
    size_652x446: style(filter: {style: "652x446"}) {
      url
    }
  }
}

fragment photoGalleryDialogContent on Content {
  __isContent: __typename
  __typename
  ...contentShareWidgetContent
}

fragment photoGalleryWidgetContent on Content {
  __isContent: __typename
  ...photoGalleryDialogContent
}

fragment scmpYoutubeContent on Content {
  __isContent: __typename
  entityId
  urlAlias
  publishedDate
}

fragment sponsorTagSponsor on Sponsor {
  name
  type
  images {
    url
  }
}


sections

types

disableOffPlatformContent

sponsorType

published

headline

socialHeadline

authors

images

publishedDate

updatedDate

summary

subHeadline

keywords

topics

readingTime

authorLocations

entityUuid

Reuters

Chinese spies used code first developed by the US National Security Agency to support their hacking operations, Israeli researchers said on Monday, another indication of how malicious software developed by governments can boomerang against their creators.
Tel Aviv-based Check Point Software Technologies issued a report noting that some features in a piece of China-linked malware it dubs “Jian” were so similar they could only have been stolen from some of the National Security Agency break-in tools leaked to the internet in 2017.
Yaniv Balmas, Check Point’s head of research, called Jian “kind of a copycat, a Chinese replica”.
The find comes as some experts argue that American spies should devote more energy to fixing the flaws they find in software instead of developing and deploying malicious software to exploit it.
The NSA declined to comment. The Chinese embassy in Washington did not respond to requests for comment.
A person familiar with the matter said Lockheed Martin Corp – which is credited as having identified the vulnerability exploited by Jian in 2017 – discovered it on the network of an unidentified third party.
In a statement, Lockheed said it “routinely evaluates third-party software and technologies to identify vulnerabilities”.
Suspected Chinese hackers used SolarWinds bug to spy on US agency, insiders say
Countries around the world develop malware that breaks into their rivals’ devices by taking advantage of flaws in the software that runs them. Every time spies discover a new flaw they must decide whether to quietly exploit it or fix the issue to thwart rivals and rogues.
That dilemma came to public attention between 2016 and 2017, when a mysterious group calling itself the “Shadow Brokers” published some of the NSA’s most dangerous code to the internet, allowing cybercriminals and rival nations to add American-made digital break-in tools to their own arsenals.
How the Jian malware analysed by Check Point was used is not clear. In an advisory published in 2017, Microsoft Corp suggested it was linked to a Chinese entity it dubs “Zirconium”, which last year was accused of targeting US election-related organisations and individuals, including people associated with President Joe Biden’s campaign.
Maybe it’s more important to patch this thing and save the world. It might be used against you
Yaniv Balmas, Check Point
Check Point says Jian appears to have been crafted in 2014, at least two years before the Shadow Brokers made their public debut. That, in conjunction with research published in 2019 by Broadcom Inc-owned cybersecurity firm Symantec about a similar incident, suggests the NSA has repeatedly lost control of its own malware over the years.
Check Point’s research is thorough and “looks legit”, said Costin Raiu, a researcher with Moscow-based antivirus firm Kaspersky Lab, which has helped dissect some of the NSA’s malware.
Balmas said a possible takeaway from his company’s report was for spymasters weighing whether to keep software flaws secret to think twice about using a vulnerability for their own ends.
“Maybe it’s more important to patch this thing and save the world,” Balmas said. “It might be used against you.”


Chinese spies used code copied from America’s NSA for hacking operations, researchers say

It is not clear how the China-linked malware analysed by Check Point was used. Photo: Reuters

News

China

Diplomacy


Features in malware so similar they could only have been stolen from break-in tools leaked online, according to Check Point Software Technologies
Head of research describes the malicious ‘Jian’ software as ‘kind of a copycat, a Chinese replica’



Features in malware so similar they could only have been stolen from break-in tools leaked online, according to Check Point Software Technologies report.


Chinese spies used code copied from America’s NSA for hacking operations, researchers say

Features in malware so similar they could only have been stolen from break-in tools leaked online, according to Check Point Software Technologies Head of research describes the malicious ‘Jian’ software as ‘kind of a copycat, a Chinese replica’

Features in malware so similar they could only have been stolen from break-in tools leaked online, according to Check Point Software Technologies

Head of research describes the malicious ‘Jian’ software as ‘kind of a copycat, a Chinese replica’