Chinese security firm says CIA hacked Chinese targets for the past 11 yearsQihoo 360 becomes second Chinese security vendor to blame the CIA for hacks against its civil aviation sector.
China's largest cyber-security vendor has published today a report accusing the CIA of hacking Chinese companies and government agencies for more than 11 years.
The report, authored by Qihoo 360, claims the CIA hacked targets in China's aviation industry, scientific research institutions, petroleum industry, Internet companies, and government agencies.
CIA hacking operations took place between September 2008 and June 2019, and most of the targets were located in Beijing, Guangdong, and Zhejiang, Qihoo researchers said.
Qihoo claims that a large part of the CIA's hacking efforts focused on the civil aviation industry, both in China and in other countries.
The Chinese security firm claims the purpose of this campaign was "long-term and targeted intelligence-gathering" to track "real-time global flight status, passenger information, trade freight, and other related information."
Qihoo says it linked the attacks to the CIA based on the malware used in the intrusions -- namely Fluxwire [1, 2, 3] and Grasshopper [1, 2].
Both malware strains came to light in early 2017 when Wikileaks published the Vault 7 dump, a collection of documentation files detailing the CIA's arsenal of cyber-weapons.
WikiLeaks claimed it received the files from a CIA insider and whistleblower, later identified as Joshua Schultz -- currently under trial in the US.
Weeks after the WikiLeaks Vault 7 revelations, Symantec confirmed that Fluxwire was the Corentry malware that they had been tracking for years.
"Qihoo 360 analysis found that the technical details of most of the samples are consistent with the ones in the Vault 7 document, such as control commands, compile PDB paths, encryption schemes," the Chinese researchers said -- echoing the findings of the Symantec report.
The Chinese researchers also claim they found Fluxwire versions deployed in the wild long before the Vault 7 leaks became public, with detection times matching the now-public Fluxwire changelog.
Furthermore, Qihoo researchers also claim that the malware's compilation times are consistent with US timezones. Ironically, this is a common technique that US investigators have used to link malware samples back to Chinese hackers many times in the past.
The Qihoo report does not bring anything new to the table. Most of the information in the Qihoo report was already public knowledge that was shared and confirmed from different sources more than three years ago.
The only new information included in the Qihoo report is the specific targets that have allegedly been hacked by the CIA in China, information that was not previously known before today's Qihoo blog post.
CALLING OUT FOR RETRIBUTION
But the Qihoo 360 report might also play a bigger role in the grand scheme of things and signal a change in how the Beijing government deals with the US and its offensive hacking operations.
Shortly after the report went live, news outlets known for being a mouthpiece for the Chinese regime have begun calling for "swift action" against "US institutions, including the CIA, its hacking group and personnel involved in the cyber-attacks."
"Legal and all other possible channels should be considered to remedy the damages the US attacks have imposed on Chinese institutions and the public," wrote today Global Times China.
This call for legal action against the US and CIA officers didn't come out of the blue but looks like the first steps towards retribution.
Last month, the US charged four Chinese military officers for the Equifax hack. Prior to that, the US Department of Justice frequently charged members of Chinese hacking groups, such as: ...
Related:CIA: 2020-03-05 FISA court bans officials involved in Carter Page wiretaps from seeking surveillance
CIA: 2020-03-04 The Myth of Moderate Nuclear War. There are many influential supporters of nuclear war, and some of these contend that the use of
CIA: 2020-03-04 Iran: Man convicted of spying for the CIA will be executed soon
CIA: 2020-03-04 The Myth of Moderate Nuclear War. There are many influential supporters of nuclear war, and some of these contend that the use of
CIA: 2020-03-04 Iran: Man convicted of spying for the CIA will be executed soon
Related:Grasshopper: 2012-06-14 Plague of Locusts or Where's Charlton Heston When You Need a Moses
Grasshopper: 2011-09-09 Islamic Jihad operative killed in Gaza blast
Grasshopper: 2010-02-22 Friedman: The Fat Lady Has Sung
Grasshopper: 2011-09-09 Islamic Jihad operative killed in Gaza blast
Grasshopper: 2010-02-22 Friedman: The Fat Lady Has Sung
Related:Wikileaks: 2020-02-25 CIA fakes story about its own corrupt deeds dealing with Iranian terrorist org Jundallah and Abdolmalek Rigi. Plants stories in mainstream media to edit the historical record to create sources for Wikipedia.
Wikileaks: 2020-02-18 Syria Army Finds Mass Grave near Damascus
Wikileaks: 2020-02-08 Israeli sovereignty and the fate of the Trump plan
Wikileaks: 2020-02-18 Syria Army Finds Mass Grave near Damascus
Wikileaks: 2020-02-08 Israeli sovereignty and the fate of the Trump plan