Do you remember last month’s news about a massive set of documents exposing hacking capabilities of the CIA? WikiLeaks released to the public over 8,700 documents and files taken from CIA headquarters that illustrate several hacking tools and exploits.
At that time, we told you that publishing these hacking tools opened the door for anyone to use the exploits. It turns out that at least one hacking group has been using them for years.
How cybercriminals are using CIA hacking tools
The files released by WikiLeaks in its Vault 7 data dump describe many exploits for both Android and iOS gadgets. The government allegedly uses these exploits to break into users’ gadgets such as computers, smartphones, smart cars and smart TVs. The documents divulge secret methods for compromising antivirus tools, encryption and other security measures intended to keep your information private.
It seems that the government is using these practices to extract credentials or browser history. Not only that, but they are working to turn our smart TVs into listening devices.
Now researchers with Symantec have linked a hacking group, codenamed “Longhorn,” to the CIA tools exposed by WikiLeaks. The researchers said the group has targeted at least 40 different organizations in 16 countries across the globe with the same tools the CIA is using. Impacted targets include financial institutions, energy companies, IT organizations, natural resources sectors, governments and more.
The link between the CIA tools and Longhorn was discovered by using changelog data. This technique showed that some of Longhorn’s tools were updated at the same time the CIA tools were overhauled with new features.
Symantec researchers said, “Longhorn has used advanced malware tools and zero-day vulnerabilities to infiltrate a string of targets worldwide. Taken in combination, the tools, techniques, and procedures employed by Longhorn are distinctive and unique to this group, leaving little doubt about its link to Vault 7.”
What you need to do now
When WikiLeaks released these CIA documents, both Apple and Google responded by updating their operating systems to patch the flaws.
It’s bad enough knowing our own government could be spying on us. It’s even worse knowing that bad actors could be using the same tools to infect our gadgets.
Make sure that your gadgets are up to date with all security patches to fend off these types of attacks. Also, it’s important to have strong security software protecting your devices.