Do you remember last month’s news about a massive set of documents exposing the hacking capabilities of the CIA? WikiLeaks made public more than 8,700 documents and files taken from CIA headquarters that illustrate several hacking tools and exploits.
At that time, we told you publishing these hacking tools opened the door for anyone to use the exploits. It turns out that at least one hacking group has been using them for years.
How cybercriminals are using CIA hacking tools
The files released by WikiLeaks in its Vault 7 data dump describe many exploits for both Android and iOS gadgets. The government allegedly uses these exploits to break into users’ gadgets, including computers, smartphones, smart cars and smart TVs. The documents divulge secret methods for compromising antivirus tools, encryption and other security measures intended to keep your information private.
It seems that the government is using these practices to extract credentials or browser history. Not only that, but they’re working to turn our smart TVs into listening devices. Click here to read a more in-depth description of how this exploit works and how to stop it from happening to you.
Now, researchers with Symantec have linked a hacking group codenamed “Longhorn” to the CIA tools exposed by WikiLeaks. The researchers said the group has targeted at least 40 different organizations in 16 countries with the same tools the CIA is using. Impacted targets include financial institutions, energy companies, IT organizations, natural resources sectors and governments.
The link between the CIA tools and Longhorn was discovered by using changelog data. This technique showed that some of Longhorn’s tools were updated at the same time the CIA tools were overhauled with new features.
Symantec researchers said, “Longhorn has used advanced malware tools and zero-day vulnerabilities to infiltrate a string of targets worldwide. Taken in combination, the tools, techniques and procedures employed by Longhorn are distinctive and unique to this group, leaving little doubt about its link to Vault 7.”
What you need to do now
When WikiLeaks released these CIA documents, both Apple and Google responded by updating their operating systems to patch the flaws. Click here to learn how to update your iPhone and iPad. For Android users, click here to learn how to update your Android gadgets.
It’s bad enough knowing our own government could be spying on us. It’s even worse knowing that bad actors could be using the same tools to infect our gadgets.
Make sure that your gadgets are up to date with all security patches to fend off these types of attacks. Also, it’s important to have strong security software protecting your devices.