Kaspersky spots CIA malware with backdoor capabilities

Dubbed Purple Lambert by Kaspersky, the malware passively listens to network traffic and searches for a “magic packet.”


The Global Research and Analysis Team (GReAT) at Kaspersky Lab has discovered new malware that the company claims was developed by the American Central Intelligence Agency (CIA).


The Moscow, Russia-based cybersecurity giant said it spotted the malware in “a collection of malware samples” belonging to several APT groups. These samples were received by Kaspersky and other cybersecurity companies in February 2019.


According to researchers, the samples were compiled in 2014 and, accordingly, were likely deployed in 2014 and possibly as late as 2015.


Purple Lambert malware


Dubbed Purple Lambert by Kaspersky researchers, the malware is equipped with backdoor capabilities that allow it to passively listen to network traffic and search for a “magic packet.”


Additionally, the malware can extract basic information from a targeted system and execute the payload it receives from its operators.

These details were shared by Kaspersky on April 27th in its APT Trends report for Q1 2021.


CIA, WikiLeaks, Vault7 & Lambert malware family


Although Kaspersky’s report did not name the CIA, listing the malware under the Lambert malware family reveals its connection with the agency.


How? In 2017, in the days when the whistleblowing organization WikiLeaks exposed the CIA’s large-scale hacking capabilities in a series called Vault7, the cybersecurity firm Symantec published a blog post about malware it called Longhorn. Kaspersky researchers, on the other hand, named the same malware as the Lambert f ..
