Symantec unveils the CIA Longhorn hacking team

Symantec said that it has been able to link at least 40 targeted attacks in 16 countries to tools first revealed by WikiLeaks through Vault 7, the leak that exposes the CIA's spying tactics.

In a lengthy report, Symantec describes a well-organized group called Longhorn which, according to the security company, carried out those attacks. The company emphasizes that Longhorn is made up of CIA agents, and that it has plenty of evidence.

"The tools used by Longhorn follow exactly the development schedule and technical specifications set out in the documents published by WikiLeaks. The Longhorn team shares the same encryption protocols set out in the Vault 7 documents, except that they follow the same tactics guidelines to avoid detection. Given the similarities between the tools and the techniques, there can be no doubt that Longhorn's activities and the documents that leaked through Vault 7 are the work of the same team," the security company said.

Who is Longhorn?

Longhorn is a group that has been active since at least 2011, using a range of backdoor trojans and zero-day vulnerabilities to gain access to its targets. The group has managed to infiltrate government organizations and companies with international operations. Its targets are companies and government organizations in the financial, telecommunications, aerospace, information technology, education, and natural resources sectors, Symantec says, but it does not name them specifically.

These targets were in 16 countries across the Middle East, Europe, Asia and Africa. In fact, there was one breach in the United States, but the malware was uninstalled within hours, indicating that the infection was likely unintentional.

As soon as WikiLeaks started publishing the CIA documents, Symantec found that some of them contained information closely linked to the development of one Longhorn tool, called the Corentry trojan. Symantec said that it discovered new features in the tool as it was able to collect more samples.

Symantec reports that it has been detecting Longhorn since 2014, when the group drew its attention by using a zero-day exploit embedded in a Word document. Other malware used by Longhorn includes Corentry, Backdoor.Trojan.LH1, and Backdoor.Trojan.LH2.

Before the WikiLeaks revelations, Symantec believed that Longhorn was a very well-funded group involved in intelligence-gathering operations. Timestamps on the group's work show that the hackers work from Monday to Friday, which made it pretty clear that the group belonged to some government.

iGuRu.gr The Best Technology Site in Greece


Written by giorgos
