Longhorn Cyber-Espionage Group Is Actually the CIA


MalwareTips Staff
Jul 22, 2014
Security researchers from Symantec have tied the CIA hacking tools leaked by WikiLeaks last month to a cyber-espionage group responsible for at least 40 hacks in 16 countries.

The group's activity came to light in 2014, when security researchers from Symantec first identified attacks from a common actor that appeared to have the backing of a North American nation.

Symantec named the group Longhorn, while Kaspersky tracked its activity under the name of Lamberts.

Vault 7 dump helped reveal group's identity
After WikiLeaks dumped Vault 7, a collection of documents allegedly stolen from the CIA, Symantec experts started going through those files, which were mostly wiki pages and manuals for all sorts of hacking tools.

WikiLeaks claimed the files belonged to the CIA, saying hackers and contractors provided the data. Following the leak, the US Department of Justice refused to admit some of the files in a US case, saying they're classified material, and inadvertently confirming their validity, even if the CIA never publicly acknowledging the leak.

Many clues support Symantec's findings
.. .