Hacking tools linked to the CIA in the recent WikiLeaks Vault 7 release were used to target at least 40 organizations in 16 countries, according to internet security firm Symantec.
The techniques detailed in Vault 7 were almost certainly developed and used by the same group, Symantec said Monday. The tech company has corroborated a number of the tool “development timelines” put forward by WikiLeaks.
While Symantec does not specifically mention the CIA – instead referring to the group responsible for the attacks as ‘Longhorn’ – the latest revelation gives further credence to WikiLeaks’ assertion that Vault 7 is part of the intelligence service’s “hacking tools”.
“The tools used by Longhorn closely follow development timelines and technical specifications laid out in documents disclosed by WikiLeaks,” a Symantec statement said.
“The Longhorn group shares some of the same cryptographic protocols specified in the Vault 7 documents, in addition to following leaked guidelines on tacts to avoid detection. Given the close similarities between the tools and techniques, there can be little doubt that Longhorn’s activities and the Vault 7 documents are the work of the same group.”
Longhorn has been active since at least 2011, according to Symantec, infiltrating targets in the financial, telecoms, aerospace and natural resources industries.
“All the the organizations targeted would be of interest to a nation-state attacker. Longhorn has infected 40 targets in at least 16 countries across the Middle East, Europe, Asia, and Africa. On one occasion a computer in the United States was compromised but, following infection, an uninstaller was launched within hours, which may indicate this victim was infected unintentionally,” Symantec added.
WikiLeaks recently published a tranche of information purportedly comprising files from a CIA center in Langley, Virginia. The hacks detailed in the documents included using of malware and trojans designed by a CIA Engineering Development Group to be “unaccountable” and “untraceable”, Julian Assange said.
click here to read more