On Friday, security firm Symantec reported that the spying tools released in WikiLeaks' Vault 7 leak last month have been used against at least 40 targets in at least 16 different countries since at least 2011.
According to WikiLeaks, the Vault 7 collection was leaked from within the CIA's Computer Operations Group.
Symantec says that a hacking group it dubbed "Longhorn" has been using those same tools to hack at least 40 targets in 16 different countries, going back to at least 2011.
"Longhorn has infiltrated governments and internationally operating organizations, in addition to targets in the financial, telecoms, energy, aerospace, information technology, education, and natural resources sectors. All of the organizations targeted would be of interest to a nation-state attacker," Symantec stated.
"Given the close similarities between the tools and techniques, there can be little doubt that Longhorn's activities and the Vault 7 documents are the work of the same group."
"The group is very, very dangerous. We know it is composed of people that are located in North America, their working time is from Monday to Friday, their targets are quite aligned with the targets that are usually targeted by APT (advanced persistent threat) groups."
"These elements suggest to the experts that it is an initial state group, so behind these people there are professionals who work with the government in order to extract information and conduct cyber-espionage activities."
"The report by Symantec collects evidence linking the activity of the group with the activity of US intelligence, the Central Intelligence Agency."
"We cannot exclude the possibility that any government is working to develop sophisticated code, malware, (zero-day) exploits and hacking tools in order to gather intelligence. This is a sign of the times; today, intelligence is mostly made in cyberspace."
WikiLeaks began its Vault 7 leak last month, when it released 8,000 documents from the CIA's Computer Operations Group which revealed the agency's hacking arsenal, including trojans, viruses and other weaponized malware such as remote control systems.
The documents listed the vulnerabilities of popular tech products and devices such as Android, Windows, iPhone and Samsung smart TVs.
On Friday, WikiLeaks released the latest batch of its Vault 7 series of documents. The 27 documents focused on the agency's Grasshopper platform, used to build malware for Microsoft Windows operating systems.
Have you heard the news? Sign up to our Telegram channel and we'll keep you up to speed!