New malware believed to have been developed by the US Central Intelligence Agency (CIA) was spotted in “a collection of malware samples” studied since Feb. 2019.
Kaspersky, the cybersecurity firm that discovered the malware, said that it shared similarities with past CIA malware, which prompted the firm to track its activity and give it the codename “Purple Lambert.”
CIA’s ‘Purple Lambert’ Spotted: What Can the Malware Do?
Kaspersky published an APT Trends report on Apr. 27, which details the cybersecurity firm’s observations on activities in Q1 2021.
According to the report, the malware that Kaspersky named Purple Lambert contains a network module that passively listens to network traffic and searches for a “magic packet.”
The CIA’s newly discovered malware can provide the agency with basic information about the system it has infected and can execute a payload it has received.
Kaspersky believes that the malware was compiled and deployed as early as 2014, and may have been continuously deployed until 2015.
The malware’s functionality resembles that of earlier malware that was linked to a CIA document exposed in 2017.