To folks at the cybersecurity firm Symantec, the hacking group they call "Longhorn" has always seemed like a state actor.
The group has hacked 40 "targets" in 16 nations, according to Symantec. Longhorn has gone after governments as well as groups involved in finance, energy, telecommunications, education and much more.
"All of the organizations targeted would be of interest to a nation-state attacker," the Symantec Security Response team wrote on Monday.
They now believe that "nation-state attacker" is the CIA.
Symantec doesn't say it outright, but it's hard to come to any other conclusion. Longhorn uses the same malware and hacking techniques laid out in documents published by Wikileaks in a release called Vault 7. Wikileaks says those documents belong to the CIA, and — despite Wikileaks's relatively new penchant for Russian government propaganda — basically no one doubts the claim. Read more...
More about Vault 7, Wikileaks, Symantec, Malware, and Hackingvia Zero Tech Blog
