- A hacking group referred to as "Longhorn" has launched cyberattacks against at least 40 targets around the world using information gleaned from the Vault 7 WikiLeaks, Symantec researchers said Tuesday.
- Vault 7 refers to a trove of CIA documents released in March. The organization said the 8,700 documents came from the CIA's Center for Cyber Intelligence, and included documentation for the organizations "hacking aresenal."
- The cyberattacks Symantec attributed to Longhorn follow the "development timelines and technical specifications" of documents in the Vault 7 leak, according to the company. Longhorn also has some of the same "cryptographic protocols" as some of the Vault 7 documents and also employed similar outlined guidelines to avoid detection.
Though WikiLeaks did not actually publish code cybercriminals could take advantage of, some of the hacking code did leak. Now, Symantec has connected some of the Vault 7 leak to active cyberattacks.
The Vault 7 leak revealed security vulnerabilities in products from a slew of companies. With cyberattack documentation in the wild, offering a blueprint for conducting a successful attack, many feared malicious actors would take advantage of the flaws.
In response, some companies issued product warnings, alerting customers of potential security concerns. Cisco issued a critical warning advisory for customers in March alerting that hackers could exploit a vulnerability allowing for remote access and control of affected devices.
One of the concerns with the Vault 7 release was WikiLeaks did not offer companies full disclosure of the technical details and the code of hacking tools to affected companies, including Google, Apple and Microsoft. The organization said the technology companies had to first meet a series of conditions.