Alwaght- A US spy agency has reportedly been hacking into Chinese aviation, energy, internet and even government sectors for more than a decade.
Beijing-based cybersecurity firm Qihoo 360, in a brief blog post published on Monday in English and Chinese, said it discovered the spying campaign by comparing samples of malicious software it had discovered against a trove of CIA digital spy tools released by WikiLeaks in 2017.
Qihoo 360 data have shown that the cyber weapons used by the hacking organization and the cyber weapons described in the CIA Vault 7 project are almost identical.
The attacks were traced as far back as September 2008, with the greatest concentration of targets in Beijing, Guangdong and Zhejiang provinces, the company said. Among the targeted sectors were civil aviation, scientific research institutions, oil and petroleum industries, internet companies and the Chinese government.
The cybersecurity firm concluded that the attack was initiated by a “state-level hacking organization” because the hackers had used “CIA-exclusive cyber weapons” such as Fluxwire and Grasshopper long before WikiLeaks published the so-called “Vault7” cache of documents in March 2017, which publicly revealed that the tools had been developed by US spies.
Control commands and encryption schemes of APT-C-39 also lined up with Vault7 disclosures, while compilation times matched “North American business hours,” Qihoo said.
The CIA coder accused of leaking the documents, Joshua A. Schulte, is currently on trial for espionage in the US.
Another Chinese antivirus company, Qi-Anxin, published a report in September 2019 also accusing the CIA of hacking Chinese companies, notably the aviation sector. Qi-Anxin’s research was also based on analyzing CIA software made public by WikiLeaks.