CIA hacking tools that WikiLeaks exposed as part of its Vault 7 data dump are linked to a rash of trojans and zero-day vulnerabilities that have infected computers since 2011, anti-virus software maker Symantec claimed this week.
The attacks, which Symantec researchers have lumped together into a single virus that they codenamed "Longhorn," have targeted at least 40 different organizations in 16 countries in the Middle East, Europe, Asia, and Africa. The victims include companies in the financial, telecom, energy, aerospace, IT, education, and natural resources sectors, as well as governments and international NGOs.
Symantec made the link between Longhorn and the WikiLeaks CIA hacking trove using changelog data, which shows that new features were added to the CIA tools at the same time as updates to some of Longhorn's tools. Other similarities exist, too, including cryptographic practices and the methods that both sets of tools use to cover their tracks on the systems they infect.
"Longhorn has used advanced malware tools and zero-day vulnerabilities to infiltrate a string of targets worldwide," Symantec said in a blog post. "Taken in combination, the tools, techniques, and procedures employed by Longhorn are distinctive and unique to this group, leaving little doubt about its link to Vault 7."
Symantec said it first became aware of Longhorn in 2014, and that its anti-virus products provide protection against the malware. The company hasn't identified any domestic targets; although it observed one computer in the US infected with Longhorn, the virus uninstalled itself within hours, suggesting that the infection was inadvertent.
WikiLeaks first announced its possession of the Vault 7 hacking tools in early March, claiming that they were widely circulated among government contractors, one of whom leaked them to the organization.