Cyberespionage: Kaspersky Identifies New CIA Hacking Tools

Every month, antivirus vendors receive samples of ongoing threats. For two years, Kasperksy has isolated very sophisticated malware, and he has just identified it as cyber-espionage software used by US intelligence.

You will also be interested

<path d="m58.606949,115.914l90.889514,-109.634c3.410272,-4.184 8.054131,-6.28 13.91367,-6.28c5.868493,0 10.509367,2.093 13.91765,6.28l90.890509,109.634c4.921416,5.905 5.771994,12.371 2.554719,19.414c-3.409277,7.044 -8.904709,10.566 -16.476348,10.566l-54.537489,0l0,182.723l90.890509,0c3.030247,0 5.397939,1.048 7.10208,3.142l45.446747,54.816c2.272188,2.854 2.649228,6.19 1.137089,9.996c-1.517113,3.433 -4.26085,5.14 -8.239169,5.14l-199.955538,0c-2.656192,0 -4.827902,-0.852 -6.533038,-2.562c-1.702151,-1.715 -2.55273,-3.901 -2.55273,-6.571l0,-246.681l-54.535499,0c-7.575618,0 -13.063092,-3.521 -16.477343,-10.566c-3.406292,-6.85 -2.551735,-13.322 2.564668,-19.417z"/> [EN VIDÉO] What is a cyberattack? With the development of the Internet and the cloud, cyber attacks are more and more frequent and sophisticated. Who is behind these attacks and for what purpose? What are the methods of hackers and what are the most massive cyber attacks?

To spy and counter-spy, intelligence agencies in any country use the same tools as hackers: malware. Everything is a secret, but Kaspersky thinks he has got his hands on software used by the CIA. Obviously, taking care not to name it.

In his quarterly report , the only famous antivirus editor explains that it has studied malware samples sent in February 2019 to security experts. This is what is usually done, and the largest antiviruses are responsible for analyzing them to strengthen the protection of their solutions, but also to take stock of current threats.

A variant of a Trojan horse used since 2014 Some of the samples cannot be associated with any known activity. Kaspersky explains that it then isolated the most sophisticated malware, and experts found similarities in the coding, style and the techniques used in the so-called Lambert malware family. Four years ago, under the name of Vault7 , WikiLeaks had revealed to the general public the tools of the CIA and, at Kaspersky, we had decided to classify them under the name of Lambert, with a code color for each variant.

Today, it is therefore Purple Lambert, and this Trojan makes it possible to monitor network activity on the computer infected. It is passive malware, which acts in the background, and according to Kaspersky its code dates back to 2014. It is an extremely rare find and, of course, the publisher does not name the CIA ... But as it stores its discovery in the " Lambert family ", Obviously, these are the hacking toolkits used by US intelligence in the past against the" Islamic State ", or the Chinese civil aviation sector.