The CIA has been attacking Chinese companies and institutions for 11 years

Teacher

Specialists of the Chinese information security company Qihoo 360 published a report in which they accused the CIA of hacking attacks on Chinese companies and government agencies. Moreover, the attacks, according to the researchers, lasted more than 11 years.

Qihoo 360 analysts claim that from September 2008 to June 2019, the CIA hacked various targets in China's aviation and oil industries, research institutes, as well as Internet companies and government agencies.

It is reported that most of the targets were located in Beijing, Guangdong and Zhejiang, and the main CIA efforts were focused on the civil aviation industry in China and other countries. The main goal of this campaign, according to experts, was "long-term and targeted intelligence collection" in order to track the status of international flights in real time, collect information about passengers, cargo, and so on.

The researchers write that they were able to detect the CIA attacks because the attackers used malware such as Fluxwire and Grasshopper.

* https://wikileaks.org/ciav7p1/cms/page_15729329.html
* https://wikileaks.org/ciav7p1/cms/page_17072174.html
* https://wikileaks.org/ciav7p1/cms/page_12353652.html
* https://wikileaks.org/ciav7p1/cms/files/Fluxwire_manual-3.5.0.pdf

Let me remind you that the existence of these types of malware became known in early 2017, when WikiLeaks published the Vault 7 dump: a huge archive of documentation detailing various CIA tools and techniques. A few weeks after the release of the Vault 7 data, Symantec confirmed that Fluxwire is malware that it had been tracking for many years under the name Corentry. Now the Chinese researchers are essentially repeating Symantec's findings in their report, and also note that they found Fluxwire samples long before the Vault 7 dump became publicly available, and that the samples' compilation times correspond to US time zones.

In its report, Qihoo 360 refers to CIA hacking operations by the code name APT-C-39. In reports published by other information security companies earlier, CIA operations were also tracked as Longhorn (Symantec designation) and Lamberts (Kaspersky Lab designation).

Many experts point out that there is virtually nothing new in the Qihoo 360 report: most of the information was already public, and the researchers only collected and confirmed data from various sources. The only really new information is data about specific targets that were allegedly hacked by the CIA in China.
 