Saturday, July 4, 21:43

Qihoo: Chinese cyber security firm accuses CIA of hacking

Qihoo 360, the leading cyber security vendor in China, today published a report accusing the CIA of conducting hacking operations against Chinese companies and government agencies for more than 11 years. Specifically, it claims that the CIA's hacking targets were the aviation industry, scientific research institutes, the oil industry, online companies and government agencies of China. According to Qihoo researchers, the CIA hacking operations took place between September 2008 and June 2019, with most of the targets located in Beijing, Guangdong and Zhejiang.

Qihoo notes that much of the CIA's hacking activity focused on the civil aviation industry, both in China and elsewhere. The Chinese security firm says the purpose of the campaign was the long-term, targeted collection of information on flights worldwide, passengers, freight transport and other related data.

Qihoo links the intrusions it detected to the CIA because of the malware used during the attacks, namely Fluxwire and Grasshopper. Both of these malware families were revealed in early 2017, when WikiLeaks published Vault 7, a collection of files describing the CIA's arsenal of cyber weapons.

WikiLeaks claimed to have received the files from someone working for the CIA, a whistleblower later identified as Joshua Schulte, who is currently before a US court. Shortly after the WikiLeaks Vault 7 revelations, Symantec confirmed that Fluxwire was the Corentry malware it had been tracking for years. Qihoo 360's analysis found that the technical details of most samples corresponded to those described in Vault 7, such as control commands, PDB paths, and encryption schemes. The Chinese researchers also claim to have found versions of Fluxwire developed long before the Vault 7 leak, with detection times matching the now-public Fluxwire changelog.

In addition, Qihoo researchers claim that the malware's development hours correspond to US time zones. This is a common technique that US researchers have used many times in the past to associate malware with Chinese hackers.

The Qihoo report, however, does not reveal much that is new. Most of the information in the report was already known three years ago. The only new information it contains is the specific targets allegedly hacked by the CIA in China, which was not known before today's publication on the Qihoo blog.

In its report, Qihoo tracks the CIA hacking operations under the code name APT-C-39. The same operations are also known by the names Longhorn (Symantec's name) and Lamberts (Kaspersky's name). Qihoo 360 is now the second Chinese security vendor in the past six months to publicly accuse the CIA of employing fraudulent tactics against China.

At the end of September 2019, the cyber security company Qi An Xin published a similar report accusing the CIA of malicious activities against Chinese aviation targets between 2012 and 2017. The researchers did not, however, link the team behind these activities to a specific country, but called the hackers "Rattlesnake", inspired by the name of a snake that inhabits the southeastern parts of the US and some parts of Mexico.

