Symantec unveils the CIA Longhorn hacking team

Symantec said that it has been able to link at least 40 targeted attacks in 16 countries to tools that WikiLeaks first revealed through Vault 7, the leak that exposes the CIA's spying tactics.

In a lengthy report, Symantec describes a well-organized group called Longhorn which, according to the security company, carried out those attacks. The company emphasizes that Longhorn is made up of CIA agents, and that it has plenty of evidence.

“The tools used by Longhorn follow exactly the development timeline and technical specifications laid out in the documents published by WikiLeaks. The Longhorn group shares the same cryptographic protocols specified in the Vault 7 documents, in addition to following the same tactical guidelines to avoid detection. Given the similarities between the tools and techniques, there can be no doubt that Longhorn's activities and the Vault 7 documents are the work of the same group,” the security company says.

Who is Longhorn?

Longhorn is a group that has been active since at least 2011, using a range of backdoors and zero-day vulnerabilities to gain access to its targets. The group has managed to infiltrate government organizations and organizations with international activity. Its targets are companies and government organizations involved in finance, telecommunications, energy, aerospace, information and natural resources, Symantec says, without naming them specifically.

These targets were in 16 countries across the Middle East, Europe, Asia and Africa. In one case, a computer in the United States was infected, but the malware was uninstalled within a few hours, indicating that the infection was probably inadvertent.

As soon as WikiLeaks started publishing the CIA's documents, Symantec found that some of these documents contained information closely related to the development of a Longhorn tool called the Corentry trojan. Symantec announced that the tool has new features, which it discovered when it was able to collect more samples.

Symantec reports that it has been aware of Longhorn since 2014, when the group drew its attention by using a zero-day exploit embedded in a Word document. Other malware used by Longhorn includes Corentry, Backdoor.Trojan.LH1 and Backdoor.Trojan.LH2.

Prior to the WikiLeaks revelations, Symantec believed that Longhorn was a very well-funded team engaged in information-gathering operations. Timestamps on the team's work show that the hackers work Monday to Friday, making it quite clear that the group was a state agency.


Written by giorgos
