To attribute the cyberattacks, the experts relied on the technical elements revealed by Vault 7, the set of confidential documents that a former CIA employee leaked in 2017 through WikiLeaks.
In a blog post, security researchers at the Chinese company Qihoo 360 have just highlighted the hacking activities... of the CIA, the American intelligence service, in the Middle Kingdom.
According to them, Uncle Sam's cyber spies have attacked multiple Chinese industrial sectors over the past eleven years: aviation, scientific research institutes, petroleum, high-tech, etc. Government agencies have also been in their sights. The regions most affected by this CIA espionage ("APT-C-39") are Beijing, Guangdong and Zhejiang.
To detect the CIA's activities, the Qihoo 360 researchers relied on the technical elements revealed by Vault 7, the ultra-confidential documents that a former CIA employee leaked in 2017 through WikiLeaks and which describe a whole swath of the secret agency's cyber arsenal.
To attribute the cyberattacks to the CIA, the Chinese researchers compared, among other things, the source code, the commands used, the compilation paths and the compilation times. Taken together, these indications make it very probable that the cyberattacks were indeed carried out by American agents.
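The comparison of compilation paths and compilation times mentioned above can be sketched for Windows binaries as follows. This is an added example, not code from Qihoo 360's report: the sample images, timestamps, PDB paths and UTC offsets are constructed, and the helper names are hypothetical.

```python
import struct
from collections import Counter
from datetime import datetime, timedelta, timezone

def compile_time(pe):
    """COFF TimeDateStamp of a PE image (written by the linker, UTC)."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ image")
    (e_lfanew,) = struct.unpack_from("<I", pe, 0x3C)
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    # After the signature: Machine (2 bytes), NumberOfSections (2), TimeDateStamp (4)
    (stamp,) = struct.unpack_from("<I", pe, e_lfanew + 8)
    return datetime.fromtimestamp(stamp, tz=timezone.utc)

def pdb_path(pe):
    """Triage heuristic: scan for a CodeView 'RSDS' record, return its PDB path."""
    i = pe.find(b"RSDS")
    end = pe.find(b"\0", i + 24)  # skip signature (4), GUID (16), age (4)
    return pe[i + 24:end].decode("utf-8", "replace") if i >= 0 and end > i + 24 else None

def profile(samples, utc_offset_hours):
    """Share of builds made 09:00-18:00 at a candidate offset, plus build dirs."""
    tz = timezone(timedelta(hours=utc_offset_hours))
    hours = [compile_time(s).astimezone(tz).hour for s in samples]
    paths = [p for p in map(pdb_path, samples) if p]
    dirs = Counter(p.rsplit("\\", 1)[0].lower() for p in paths)
    return sum(9 <= h < 18 for h in hours) / len(samples), dirs

def make_sample(when, pdb):
    """Constructed test image: only the fields parsed above are meaningful."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHI", 0x14C, 1, int(when.timestamp())) + b"\0" * 12
    cv = b"RSDS" + b"\x11" * 16 + struct.pack("<I", 1) + pdb.encode() + b"\0"
    return dos + coff + b"\0" * 64 + cv

def utc(*args):
    return datetime(*args, tzinfo=timezone.utc)

SAMPLES = [  # constructed; timestamps and paths are invented for illustration
    make_sample(utc(2015, 3, 2, 10, 10), r"D:\build\proj_a\release\loader.pdb"),
    make_sample(utc(2015, 3, 3, 13, 45), r"D:\build\proj_a\release\plugin.pdb"),
    make_sample(utc(2015, 3, 4, 16, 30), r"D:\Build\proj_a\release\comms.pdb"),
    make_sample(utc(2015, 3, 5, 23, 0), r"C:\work\tool\agent.pdb"),
]

if __name__ == "__main__":
    for offset in (0, 9):  # candidate offsets, arbitrary here
        print(offset, profile(SAMPLES, offset))
```

Both fields are written at build time and can be altered or zeroed by whoever produces the binary, so they only corroborate other evidence such as shared code and commands.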
Incidentally, we learn that the CIA has also used NSA tools in China, such as WISTFULTOLL. This plugin appears in Edward Snowden's documents and makes it possible to extract information from a Windows 2000, 2003 or XP computer.
The fact that the CIA's activities are thus exposed in the public square can be seen as revenge. For several years, the American authorities have regularly and publicly accused Chinese citizens of economic espionage. Qihoo 360's blog post is therefore something of a tit-for-tat response.
Source: Qihoo 360